m.sendspace.com Open in urlscan Pro
2606:4700:e2::ac40:8d24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.sendspace.com/file/jxgvfb
Submission Tags: falconsandbox
Submission: On March 30 via api (March 30th 2023, 9:34:01 pm UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 43 domains to perform 154 HTTP transactions. The main IP is 2606:4700:e2::ac40:8d24, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.sendspace.com.
TLS certificate: Issued by GTS CA 1P5 on March 7th 2023. Valid for: 3 months.

This is the only time m.sendspace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:e2:... 2606:4700:e2::ac40:8d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:99f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	23.216.240.90 23.216.240.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.6.125.14 52.6.125.14	14618 (AMAZON-AES) (AMAZON-AES)
2	13.32.10.16 13.32.10.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2 8	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:1a00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	18.66.112.121 18.66.112.121	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	52.57.32.9 52.57.32.9	16509 (AMAZON-02) (AMAZON-02)
9	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.18.27.55 52.18.27.55	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.122.67 18.66.122.67	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:1260:9dcc:1d0e:53e1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
154	55

16 2606:4700:e2::ac40:8d24 (United States)

ASN13335 (CLOUDFLARENET, US)

m.sendspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.sendspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

adncdnend.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.240.90 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-240-90.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.125.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-125-14.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.10.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-10-16.vie50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1a00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-121.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.32.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-32-9.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.27.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-27-55.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-67.fra60.r.cloudfront.net

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:1260:9dcc:1d0e:53e1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	103 KB
16	3lift.com ib.3lift.com — Cisco Umbrella Rank: 1466 tlx.3lift.com — Cisco Umbrella Rank: 541 eb2.3lift.com — Cisco Umbrella Rank: 387 img.3lift.com — Cisco Umbrella Rank: 2581	71 KB
16	sendspace.com m.sendspace.com api.sendspace.com — Cisco Umbrella Rank: 274679	201 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	231 KB
10	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	41 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381	9 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	21 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 75	5 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412	61 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1045 id5-sync.com — Cisco Umbrella Rank: 437	35 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2947 google-bidout-d.openx.net — Cisco Umbrella Rank: 2875	680 B
3	33across.com ssc.33across.com — Cisco Umbrella Rank: 2759 ssc-cms.33across.com — Cisco Umbrella Rank: 1102	529 B
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 3838 a.ad.gt — Cisco Umbrella Rank: 3181	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	168 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 584	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 820 s.tribalfusion.com — Cisco Umbrella Rank: 2028	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4362	335 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	98 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1289 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006	12 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1051	509 B
2	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4055	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 739	458 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1453	105 KB
2	azureedge.net adncdnend.azureedge.net — Cisco Umbrella Rank: 45239	158 KB
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13859	523 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11294	292 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	717 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 804	714 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	104 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3194	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3449	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4136	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	902 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1115	402 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2725	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1216	17 KB
0	mdn2015x4.com Failed t.mdn2015x4.com Failed
0	udmserve.net Failed udmserve.net Failed
154	43

	Domain	Requested by
15	m.sendspace.com	m.sendspace.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com m.sendspace.com tpc.googlesyndication.com
9	eb2.3lift.com	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com ib.3lift.com
8	ib.adnxs.com	2 redirects adncdnend.azureedge.net acdn.adnxs.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com m.sendspace.com www.googletagservices.com tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	adncdnend.azureedge.net securepubads.g.doubleclick.net m.sendspace.com
6	cm.g.doubleclick.net	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
5	www.bing.com	2 redirects 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	fonts.googleapis.com	ib.3lift.com 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com m.sendspace.com
4	ib.3lift.com	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com ib.3lift.com
4	www.google-analytics.com	m.sendspace.com www.google-analytics.com
3	www.gstatic.com	m.sendspace.com 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
3	www.google.com	1 redirects m.sendspace.com tpc.googlesyndication.com
3	mug.criteo.com
3	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	adncdnend.azureedge.net c.amazon-adsystem.com
3	www.googletagmanager.com	m.sendspace.com adncdnend.azureedge.net www.googletagmanager.com
2	acdn.adnxs.com	adncdnend.azureedge.net
2	c1.adform.net	2 redirects
2	googleads.g.doubleclick.net	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects
2	tlx.3lift.com	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
2	www.googletagservices.com	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com m.sendspace.com
2	id5-sync.com	cdn.id5-sync.com
2	prebid.a-mo.net	adncdnend.azureedge.net
2	hb-api.omnitagjs.com	adncdnend.azureedge.net
2	ssc.33across.com	adncdnend.azureedge.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	cdn.id5-sync.com	m.sendspace.com securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.confiant-integrations.net	adncdnend.azureedge.net cdn.confiant-integrations.net
2	adncdnend.azureedge.net	m.sendspace.com adncdnend.azureedge.net
1	ssc-cms.33across.com	adncdnend.azureedge.net
1	im.bluevoox.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	img.3lift.com	2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	a.ad.gt	cdn.hadronid.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.hadronid.net	m.sendspace.com
1	secure.cdn.fastclick.net	m.sendspace.com
1	api.sendspace.com	m.sendspace.com
0	t.mdn2015x4.com Failed	m.sendspace.com
0	udmserve.net Failed	adncdnend.azureedge.net
154	63

This site contains links to these domains. Also see Links.

Domain
www.sendspace.com

Subject Issuer	Validity	Valid
*.sendspace.com GTS CA 1P5	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2023-02-11` - `2023-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
ssc.33across.com GTS CA 1D4	`2023-03-08` - `2023-06-06`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-02-23` - `2023-06-11`	4 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://m.sendspace.com/file/jxgvfb
Frame ID: 2C6CD68BA0ABAB785EF86410AF5A47CE
Requests: 73 HTTP requests in this frame

Frame: https://m.sendspace.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680206400
Frame ID: E2C0429D9724BDA3616CD360F64829FF
Requests: 3 HTTP requests in this frame

Frame: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCC92923DDF510449CD35985EF2E6DC7
Requests: 1 HTTP requests in this frame

Frame: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 524E18FC4391C06AB5BB304CEFACA3A3
Requests: 31 HTTP requests in this frame

Frame: https://m.sendspace.com/ints
Frame ID: 9604A1300CE6A51FB49497429F9BD54F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=m.sendspace.com
Frame ID: 42DEEC9644888E4B7AF14045B8E83AB1
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 72A5D0BF500E89C37F5EC93ABA83D1E7
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=56599
Frame ID: 08FE05C35E772CDE35B098F512C847CA
Requests: 1 HTTP requests in this frame

Frame: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90B717C88CA2CC5BE04DCF065A27F37B
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 135D234D9E55E5081963B44D48F400D0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEA5F83AC18AD88C34C894B66319E4A3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51D2F41BF3F7897AF490E77CFD84F40D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
Frame ID: 8D8798A79DD2FACAAEE6E5E269A5982A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF887B519F782C21578A3130E019F7C1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD7258F44BF8A85A8520D487E017DA1F
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bBFK5uF5Wr7yoerkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 08CDDD90F37641C2DCA1D3C37D9AB68E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 88C23C888C3E282C91E26FED10A0E47D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6A5C4D91C6EDCCB4AFBDB29C56ABDFC8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sendspace Mobile - File

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

154
Requests

90 %
HTTPS

51 %
IPv6

43
Domains

63
Subdomains

55
IPs

7
Countries

1430 kB
Transfer

4067 kB
Size

26
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sendspace.com/?desktop_version=true
Title: Desktop version

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://oajs.openx.net/esp?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&rid=esp&cc=1

Request Chain 84

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=3ae649de-8976-43e1-a38f-57ac9c1a7958&oAdUnit=11730374&publisherId=250152235&rId=3d9cb306-93a0-4a0a-8fbf-99ae155a2e0b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D46ef3ad7b01f450e9a6fd46f8fa16f17%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=395540&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=erfreir&aid=42113603109083570523630&wp=0.039 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=46ef3ad7b01f450e9a6fd46f8fa16f17&SNR=1&GV=2&med=10

Request Chain 109

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sendspace.com&sn=ChromeSyncframe&so=0&topUrl=m.sendspace.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=X8bxTXxvWEdpdUFPWDhYVFRHYVZNZjhrNXJsT2R1eXdJVTJVQm9ZSC9RbW9QcWhSeDhJMWk0a1Z6VisyNTZaUVo0aUwwMy91V0FlZlRVbXYraW51V0R3ckNVSldZM21uTzRTd0RjQnRYSnVIWS9paUh0U2IvaGhISkZleXNmNURTcEpOU3hzenBPUGVsdlQ5eUM4MkxKNDZKd3RCbUVya1RnTERBbFcvTllBQzBGbW9TZ0JhQXJJL24vK3JseUpKYlpPT0dXQ2x4dXRhZnBTbkJxdXlKazZIa2dlSmpkdFJlY1lNYUtORUlTVEVGTDBnU0tZN0hReE9JOTdtazBuY3U4SVhuUUkyY0daNmpiNUNaU0JRSVRHamI1aVJmbXhvVzJEYW9HRlZueW5DRE1kOD18&cppv=2

Request Chain 126

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGC9tqvJB9zOGea7kVpxSls&google_cver=1&google_push=Aer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGC9tqvJB9zOGea7kVpxSls&google_cver=1&google_push=Aer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 127

https://um.simpli.fi/gp_match?google_gid=CAESEKIkVGMZsJTEb7tfv-PUVIE&google_cver=1&google_push=Aer7DvJNfbEo1pziKabURASIZ-YIXw6eBal0T4ghsdfGs4YMBOGzalSHZw7Bh08oyKa2sJRbPPmcv2a_mJBQPWO2ce8J-QbdUGJsTYT1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B9832542AC4CA8B1A89167E41F8F0E&google_push=Aer7DvJNfbEo1pziKabURASIZ-YIXw6eBal0T4ghsdfGs4YMBOGzalSHZw7Bh08oyKa2sJRbPPmcv2a_mJBQPWO2ce8J-QbdUGJsTYT1

Request Chain 128

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELJXZmEFY8D0bVGRZzZaIhQ&google_cver=1&google_push=Aer7DvI6eq8CxtGRXJSjk2SC7UmJW9XO6ocHtMo0vOVlb9bmTwbJejKQIBUucAjq035Z6hydD9_fCFJ2IBaZJXVVR-jhZci83phWOFlE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI6eq8CxtGRXJSjk2SC7UmJW9XO6ocHtMo0vOVlb9bmTwbJejKQIBUucAjq035Z6hydD9_fCFJ2IBaZJXVVR-jhZci83phWOFlE&google_hm=eS14TnBObEFWRTJwRzU4MFlvdmdwdzJjYzNWM1J2ZjRRTn5B

Request Chain 129

https://s.uuidksinc.net/match/47/?remote_uid=CAESELB9VT-9wGWVOLBIL3vZew4&c_param1=Aer7DvIcMQVxaTAN7ScWgobrRki207KQC_G7P_0F2MLXRSg3uCAtO3D28qqfJM4RNFrQW8HjrTyp9PBJbzLU_EW8mwM1pvk7KwtfFliV&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIcMQVxaTAN7ScWgobrRki207KQC_G7P_0F2MLXRSg3uCAtO3D28qqfJM4RNFrQW8HjrTyp9PBJbzLU_EW8mwM1pvk7KwtfFliV

Request Chain 130

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELaeW6Jt1lI5lEX4SOCMAIs&google_cver=1&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgvvVB-EkSrAfIELvkUXjnfuKRwY HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELaeW6Jt1lI5lEX4SOCMAIs&google_cver=1&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgvvVB-EkSrAfIELvkUXjnfuKRwY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwODUzMjU3ODE5NDY5NzI5OQ&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgvvVB-EkSrAfIELvkUXjnfuKRwY

Request Chain 131

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECsh0Pl9bBVo_-JrQFh2e-c&google_cver=1&google_push=Aer7DvLK1HDyRlZmbowKICAdZLaOOCd_rSz13r5fo8VTzz328vwV1GorG03FL4tYv9fk8gw72YuHieG2YXuBJR0nqlNdgTpbec-80BWEIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLK1HDyRlZmbowKICAdZLaOOCd_rSz13r5fo8VTzz328vwV1GorG03FL4tYv9fk8gw72YuHieG2YXuBJR0nqlNdgTpbec-80BWEIw&google_hm=QlMuNDM3Yi1mMzM2LTRkMjktOWM5ZA==

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=3ae649de-8976-43e1-a38f-57ac9c1a7958&oAdUnit=11730374&publisherId=250152235&rId=3d9cb306-93a0-4a0a-8fbf-99ae155a2e0b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D46ef3ad7b01f450e9a6fd46f8fa16f17%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=395540&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=erfreir&aid=42113603109083570523630&wp=ZCYAQwAIT7wIu8aIAA6lW6jMMZ3qKAhPxua64A HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=46ef3ad7b01f450e9a6fd46f8fa16f17&tids=15000&med=10

Request Chain 144

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fm.sendspace.com%2F&domain=m.sendspace.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ITR3G3xnVUJLTGVtZmhlZDJzOThOTVNXOHcvdTFWK3gxaGV4N1BaNXc5VTFubnprak84M0RhbTFEc09rT3NMVzBGUkppVTBiVS92SkdFdVAvTVBWVVJBRk9pVTM5dGFubzV6WmtxeXJnN0Y4Wit0am5mT1hodURYV3NoRUxZNVVkZFdtR3RjajIxVUw3Qk9qWWdlU2JidnY2MEk5NklCN3QzOStpcGV2VU5yeERSZXQ1WVhUU1p2NCs2RXJSbEFhbUs1MGwzQ1VIa3oyNXk3eTAwZHlCY1dFNVY2ODFnZUNRZWFaNGJmcUxOODRnWU5sL0pvS1lvMTZKdVNhQlRyYnQrcG1EbHVmT3FteWQzQmdEOEIwWnVySWo1WW5tVTN4ODJ2dTUwQjYyb1hBU2puRT18&cppv=2

Request Chain 149

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 150

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

154 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jxgvfb Show response
m.sendspace.com/file/ 58 KB
14 KB 499ms
445ms Document
text/html 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb17bc0ca2c7e4903985b4f71c74b22fda9055f7a01383b4a23da6a80fdd02f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b03793e1d549280-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 21:33:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVdJ82tbSCGCDGQbJqjHQ7SqMOFVKcNcQfU7bWQROu8KF6LHrB9j9GBgeNGTqU9MouebzkO7YVkByNWcljkFa2D0i0n%2BQ4CK%2FNbliEUIaFh1m9S7LEKuoEI2SAFCFcrjK8QSUCQt34fYARbg6R4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 font-awesome.min.css
m.sendspace.com/css/font-awesome-4.2.0/css/ 21 KB
5 KB 27ms
25ms Stylesheet
text/css 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/css/font-awesome-4.2.0/css/font-awesome.min.css?v=2.8
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2788
etag: W/"5c26324e-55e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9CqXbA9RYjUv73ae05NvqEMN%2Bly%2B8SDdHtXvL2YlVrJ%2BVFUIOSL23NeE%2Fjt%2BDZwbPn%2FGgGgQsiEmSpcp4JWbPSOD%2BzAe8q2SedHRecckCgy95pd8TUvdpXtteSSeg9GSpJBIHP8y%2BJJKO0%2B7vE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b037940e95c9280-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 the.css
m.sendspace.com/css/ 20 KB
6 KB 28ms
27ms Stylesheet
text/css 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/css/the.css?v=2.8
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a3f461b1ba3e5a59c01d73346eecc72c1928961e0925567576e13b7f293b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2788
cf-polished: origSize=24289
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
server: cloudflare
etag: W/"5c26324e-5ee1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWbdBtVgpyQ%2Bv9yJ3K%2F50ufKiDuCw4UIBB94W2VkGdNwmA2L%2BdmSd7%2BXQPlGT5dX6dHCYHF1HwZ918hLH4yWjD6%2F503eefwbOzgl%2FewEYgQcPzhcFChGQmup%2Fj1Vqh9DpEvqxn7lq21t5GDDoOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b037940e95d9280-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 92ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M59HEE6XTT

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae15044f19a38c83bbb91a1ed720743259c504e633ff0bb946ab48e2138e0324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Mar 2023 21:33:54 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
m.sendspace.com/js/ 94 KB
34 KB 30ms
29ms Script
application/x-javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/js/jquery-1.11.1.min.js
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2788
etag: W/"5c26324e-1762a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GoPKKHns8L9zF%2FJ37MnkgGAITx%2FAeob7pPpq3inUpjAkHbpOkegMYEJT9SXe9g29rrj53P4OheIqrUpyQReZupD4uylizppB%2BWBB24NC766ko7nFKjdqFL7voNL6tA7t5fGgUWvhJ4QJyNvw08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 7b037940f95e9280-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.png
m.sendspace.com/img/ 4 KB
4 KB 56ms
51ms Image
image/png 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.sendspace.com/img/logo.png
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c837d90608e82ec170f17069094229592019eb31e3e233cff8f11070e29804d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4024
etag: "5c26324e-e4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlJfwes9vb%2Fit95gWF4cPi7agSi2pylGv1y9vlIjVFrVE3cFpMJ%2BvaBNXSMTi9dU6b%2FG1Jgre5w8S71K8%2Bq9zjxkpWxzraXmqTLG6KCcc263ThoUERBXclvGovhopvapfWCd%2BM4m8YrO%2FQqqvqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b0379414e28373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3661

GET
H2 200 jquery.cookie.js Show response
m.sendspace.com/js/ 2 KB
1 KB 25ms
25ms Script
application/x-javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/js/jquery.cookie.js?v=2.8
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1595af6ee22da3ba266e7d0cc06e6e185c8325aebe766ac93de9559e737a046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1153
cf-polished: origSize=3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
server: cloudflare
etag: W/"5c26324e-c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDdhJ%2Bj1IxuTqzJM4jX%2BVbJ75oJvzoq4GDeeAr7XaDrdfSNJmmJRnmDL1uU5bzcBPKG%2BeWJrQpsLsIs%2FYzWPZ9BgTCvQllR2LQTpxgCTaAfDRBVB8ReGOhiPDX8HEQsp2th1ejKzBzbI5wv7YOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 7b0379411a109280-FRA

GET
H2 200 clipboard.min.js Show response
m.sendspace.com/js/ 10 KB
4 KB 28ms
28ms Script
application/x-javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/js/clipboard.min.js?v=2.8
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 779
etag: W/"5c26324e-2780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3g35ZQ7vjDWQ0JcwpUI6Yoo6RaDI2pNpXzCtsO8C6lZM1Jeiy8B0abY5aLWuWIeki6QPRNW8gSRUsunWM5q6Ua1XfqK7ZSjWcKXW7KCCe3Mnccx7bvbAzFfPA1gYXj1NFsjVzc3N21zWkDLEVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 7b0379413a249280-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 the.js Show response
m.sendspace.com/js/ 99 KB
25 KB 33ms
32ms Script
application/x-javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/js/the.js?v=2.8
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379cbaf900ff4ea2a20025201f3fc892f368b5655d34e17fe0810572007176ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5734
cf-polished: origSize=128392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
server: cloudflare
etag: W/"5c26324e-1f588"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jug5UBvpU8Q0OJg6WYb7JNPdmINyj%2F2fAu6Lkse5lEhDcmwGAOEax4lF2KDU8xuS%2F%2BsZ%2FAn7jDtSxixsIdobVyobTHKW7T2xi8STTBlOJV1ppEDrftODCbMiA0MnOFroLs6tSRRCsMcpQg0R1L0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 7b0379414e1f373a-FRA

GET
H2 200 sendspace.adn.js Show response
adncdnend.azureedge.net/adtags/ 24 KB
5 KB 98ms
18ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adncdnend.azureedge.net/adtags/sendspace.adn.js
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDF) /
Resource Hash: 8c9e62f5b31610337f723af8acb26c8222fda793fc09fad9a59db68560e90c7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: gzip
content-md5: M29m/MMNAYUKU4DlNbBBWg==
age: 43971
x-cache: HIT
content-length: 4863
x-ms-lease-status: unlocked
last-modified: Mon, 13 Mar 2023 09:03:09 GMT
server: ECAcc (frc/4CDF)
etag: 0x8DB23A1C47D4EB5
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: 15750e00-101e-004d-65e8-62c7b1000000
cache-control: max-age=86400
x-ms-version: 2009-09-19
expires: Fri, 31 Mar 2023 21:33:54 GMT

GET
H3 200 buildings.png
m.sendspace.com/img/ 5 KB
5 KB 26ms
25ms Image
image/png 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.sendspace.com/img/buildings.png
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/css/the.css?v=2.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b17b43134d02ba194004ebb6dc63c940a749730f01f7e34677e513dfe8e2ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/css/the.css?v=2.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4024
etag: "5c26324e-1267"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dWI3kkoT%2Br7hPQtDUvT8MArPCNidx3zqVHk5SyPt9WGocncNICpzcM%2FDRkvEvEWKgvT8mhBhZbaelWXKV4VLuQ3DmmwTeXFZAgF7wGTPcAy5A0mYxZk1SH1zc0HXPNQQ39Eix%2Bu7Gi9zJ2uX0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b0379418e6b373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4711

GET
H3 200 fontawesome-webfont.woff
m.sendspace.com/css/font-awesome-4.2.0/fonts/ 64 KB
64 KB 29ms
28ms Font
application/octet-stream 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/css/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/css/font-awesome-4.2.0/css/font-awesome.min.css?v=2.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://m.sendspace.com/css/font-awesome-4.2.0/css/font-awesome.min.css?v=2.8
Origin: https://m.sendspace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5711
etag: "5c26324e-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB5KJXEIFxZcxzTUuEHOjIsRPk5qZ9Nu5pKsl69pjPt5AKVXGGmLj%2BQ8m6rTe0r7WAukuToZxEamMZNRH233zJ0AslgGhtqMlGzojVolWcGJIUesnjEZ5ZFzAMdrMLcjdiqqzp5i8BtAo1etBMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b0379418e6c373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 20:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5323
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 30 Mar 2023 22:05:11 GMT

GET
H2 200 / Show response
api.sendspace.com/rest/ 301 B
828 B 1365ms
1273ms XHR
text/xml 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sendspace.com/rest/?method=anonymous.fileInfo&file_id=jxgvfb
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/js/jquery-1.11.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8093bc864b547fad1afbdedfdcc501d79e5e989e24b37c5fe7e5701be4019b3

Request headers

Accept: */*
Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Mar 2023 21:33:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szxJ2DoVR9t01V89CWGgM2twfPNNuClVm4ATLctSEoeDyJJZ8Qv13G%2BPjaQn4O9LesHx%2B70Wa3FsgetNlF0BPmUr0lcTSNnyoKDPoPXMUv7xeMtZleNkV9L1dREGAmBU%2FlZ8wDvd8VvEPQ5aoiNSsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/xml;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache,no-store,max-age=0,s-maxage=0,must-revalidate
cf-ray: 7b0379426b8b918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 invisible.js Show response
m.sendspace.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame E2C0 27 KB
12 KB 30ms
29ms Script
application/javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680206400
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60ab5aac1bfa933bbc662985aaf45926424b1c50591d756ad97452686d99216

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSoT2CNhOO5AdAcGJMTgb4pyqISyU37vYqWBP%2Fzc63N6VvsiIeJBJgmdeD3b5oPq3vUQwNteZFSgu20Vz0HtzNrp7pEelqK36wEa8YH1MsK4Ar5wssy1yXKR9V8bU9W0EMuAjOUQjU2hKE4Lj%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b037941decf373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 prebidLibTest.js Show response
adncdnend.azureedge.net/adtags/ 491 KB
153 KB 31ms
29ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/sendspace.adn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D04) /
Resource Hash: fc067ccfac437c3de8779c2482a6e041398623a58e4307faf9c8f10d2e7a54af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: gzip
content-md5: v0X8xjc2vJfIntQ5jjAiMA==
age: 46623
x-cache: HIT
content-length: 156650
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 08:35:38 GMT
server: ECAcc (frc/4D04)
etag: 0x8DB1AF91988D285
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: effa3c9a-b01e-007b-53e2-624ac1000000
cache-control: max-age=86400
x-ms-version: 2009-09-19
expires: Fri, 31 Mar 2023 21:33:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 89ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/sendspace.adn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ec67255454c1dc79e82a676cd9fe3896d52f6af54a73778a97af6b22c794643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27308
x-xss-protection: 0
server: sffe
etag: "1527 / 145 of 1000 / last-modified: 1680174703"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Mar 2023 21:33:54 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 96ms
21ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/sendspace.adn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:24:00 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 19:29:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 595
x-amz-server-side-encryption: AES256
etag: W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: qklROScgjaTSsPZaiuzjnabX3V04MQx5HyeioKz-p4fQOYWuQeeFfA==

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/d2ehZtyVAa1kXxOtMxFp7XciXcU/gpt_and_prebid/ 151 KB
34 KB 103ms
29ms Script
text/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/d2ehZtyVAa1kXxOtMxFp7XciXcU/gpt_and_prebid/config.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/sendspace.adn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06b530aa6007baddab45e19ea7239b7295009dc7b59004bbf89e0e030d0db4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 18:43:41 GMT
server: cloudflare
x-amz-request-id: JVK8MVY4YR4DBKV4
age: 702
etag: W/"b6b162559cab63ec20b318f766fe0146"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7b0379426f3b3801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /3t1YXRg3tqevWCkSWhlB2fJenYVvX8ovWJMolUhpP5CJ7xPwTf4VHf85pIQu8893f8cA13hA0Y=

GET
H3 200 pica.js
m.sendspace.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame E2C0 7 KB
4 KB 38ms
36ms Other
application/javascript 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dba6161b974d3d24ea65896aa4708a2ac534e8fda585495353bdfd9800a276a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VX4xvPzQK59ELg8Ja6npTEY5hx5maTrtzc%2FURcM1d1cxbvLXwlKqD68YllLOEB3twqd98SQOG5EZH%2F2WoTXSAVWiEbYv4%2BiLejpo5dS0WEJZat%2FUzvikdJDvI5PSjxHXp6c528wS6cwAGI2EWiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b0379422f29373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 82ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M59HEE6XTT&gtm=45je33r0&_p=1544816142&cid=902921447.1680212035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680212034&sct=1&seg=0&dl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&dt=Sendspace%20Mobile%20-%20File&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M59HEE6XTT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
145 B 26ms
25ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1544816142&t=pageview&_s=1&dl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&ul=en-us&de=UTF-8&dt=Sendspace%20Mobile%20-%20File&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=747102729&gjid=1839590505&cid=902921447.1680212035&tid=UA-2221170-3&_gid=2013482263.1680212035&_r=1&_slc=1&z=1048372544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 18ms
18ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1544816142&t=pageview&_s=2&dl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&dp=%2Ffile%2Fjxgvfb&ul=en-us&de=UTF-8&dt=Sendspace%20Mobile%20-%20File&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=902921447.1680212035&tid=UA-2221170-3&_gid=2013482263.1680212035&z=659423183

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12524
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023032801.js Show response
securepubads.g.doubleclick.net/gpt/ 397 KB
134 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136767
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:36:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Mar 2024 14:40:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 793 B
386 B 97ms
53ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.sendspace.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517ed4cec5d25135b0cbd7e404d3c2e42fedb12473d7a9067c5d6075c51dec7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 361
x-xss-protection: 0
expires: Thu, 30 Mar 2023 21:33:55 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 60ms
19ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding: gzip
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date: Thu, 30 Mar 2023 02:17:48 GMT
x-amz-cf-pop: FRA56-P6
age: 69368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 28 Mar 2023 02:10:35 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: jbm9GLYmHsDblReL6_oW03Hlg8rdmitBgnx6G87nT-rjfeM-rKtE4g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 20ms
20ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fm.sendspace.com&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 8d39d8c07c66cc67e307318a80da7b3c45f7073a2e1d7e01bfb05c9256a5240d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:00:45 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9189
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://m.sendspace.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1577
x-amz-cf-id: rABeHKDZ43_L9oQu4fDA42pOM_tl8nd1j7ZsnvqjR0uhcQ8WUCYoxA==

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202302281347/ 231 KB
71 KB 34ms
31ms Script
application/javascript 2606:4700:4400::ac40:99f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202302281347/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/d2ehZtyVAa1kXxOtMxFp7XciXcU/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ac13bac7ab829224e6232b3ce729cdee42f28576b7482780e954ba99bd9092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Feb 2023 18:48:58 GMT
server: cloudflare
x-amz-request-id: K9104ZJCETNZS4N0
age: 1960464
etag: W/"c7c5fc8c5f2964e83a60d38bc1d58640"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7b037943486d3801-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nFE+PsAySszELpppx1WYIt6R/SCsadHOZPpcpr0L7HOs8OPy5LegUybQCK2Id4UEhNJn+t4KItk=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-249368521-23

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/sendspace.adn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82186d07a0195f052038974d6c440b7939559c59db3fd3b48e27f64b2515be1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44821
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 21:10:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Mar 2023 21:33:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-249368521-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M59HEE6XTT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbbb2a1221add0b610c5b8a7ebfbab5e245010d6101db4e5aa09e0ed424ec800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44816
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 21:10:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Mar 2023 21:33:55 GMT

POST
H3 200 7b03793e1d549280 Show response
m.sendspace.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame E2C0 2 B
662 B 39ms
39ms XHR
text/plain 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/cdn-cgi/challenge-platform/h/b/cv/result/7b03793e1d549280
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680206400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGC9rjbX%2F7nXN3MN3%2B8jnNw3R%2BquApbkiMEKGi2GjxXpfN44qkmEqJQwHd7b6VU0zoh2APW5l%2BvbEDB%2B5z1i8%2BQyvABH1lbnh40y0d6bftSixxWsiYOO8A40AoxXHAu3K3A2nxfq9pyxL9btRow%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7b037944da38373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 113ms
28ms Script
application/javascript 23.216.240.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.240.90 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-216-240-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 30 Mar 2023 21:48:55 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 123ms
43ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&ref=&_it=amazon&partner_id=479
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
x-amz-request-id: HCP18NGB747326Q9
age: 6424
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b03794569ed383d-FRA
x-amz-id-2: KbZ9NgFa2bn0C9xZwnKlp+RVzQg9EzsqAoZhIJmzk7In/Z4ogbyP1rORTM78n9zoUbgos2ctSt8=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 100ms
39ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 13:19:47 GMT
server: cloudflare
x-amz-request-id: 52TCH6ZDTKBFXHS2
age: 2821
etag: W/"8aee2c14f819a80ea38a4ce5f70b364a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b03794548009bef-FRA
x-amz-id-2: 0srXVfD+9o96g+tSFsw5mAnaQO++Mc2ex88c4A7R/jjsS5lWgrbYRc+x5KGroBNcBUJDYqlvHUY=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
458 B 111ms
110ms XHR
text/plain 52.6.125.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.125.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-125-14.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 30 Mar 2023 21:33:55 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 347ms
109ms Preflight 52.6.125.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.125.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-125-14.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://m.sendspace.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 30 Mar 2023 21:33:55 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 182ms
77ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&pid=wzM3DrGvM0yiM&cb=0&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22859693164%2FSendSpace%2FSticky_Footer_0%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F339474670%2C22859693164%2FSendSpace%2FSticky_Footer%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: 4B7CAJRZTS5A1QZ3J46G
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://m.sendspace.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: m_f88taN8sl274XloBiR-gwJz338MACnloWJmaDaNXX8wdWwcuZS2g==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 185ms
85ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&pid=wzM3DrGvM0yiM&cb=1&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22859693164%2FSendSpace%2FSendSpace_Interstitial_0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F339474670%2C22859693164%2FSendSpace%2FSendSpace_Interstitial%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: 57BXAB0GNKH5TVF278WW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://m.sendspace.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vo9BvrXLiapEunTGypWqjQuVJIvYF15uN83gSSAP-sf1fYuEc0zSqw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 125ms
29ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.sendspace.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 86ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.sendspace.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 26ms
25ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1544816142&t=pageview&_s=1&dl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&ul=en-us&de=UTF-8&dt=Sendspace%20Mobile%20-%20File&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=677332571&gjid=944455499&cid=902921447.1680212035&tid=UA-249368521-23&_gid=2013482263.1680212035&_r=1&gtm=457e33r0&jsscut=1&z=1090045654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 356ms
356ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3322605976018196&correlator=656214137063065&eid=31073462%2C31073490%2C31068366&output=ldjh&gdfp_req=1&vrg=2023032801&ptt=17&impl=fif&iu_parts=339474670%3A22859693164%2CSendSpace%2CSticky_Footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=307293925&didk=2738659629&sfv=1-0-40&prev_scp=amznbid%3D1%26amznp%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1680212035492&lmt=1680212035&dlt=1680212034696&idt=674&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=902921447.1680212035&ga_sid=1680212035&ga_hid=1544816142&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cfd2edf65a6be6e2d38dbdc951f4c3e7505bdd452c9e97fffd3578a7d5fe194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 481215
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12007
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 826933
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCC9 6 KB
3 KB 100ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:55 GMT
expires: Fri, 29 Mar 2024 21:33:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 69ms
20ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.sendspace.com
date: Thu, 30 Mar 2023 21:33:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
183 B 147ms
130ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=m.sendspace.com&url=https://m.sendspace.com/file/jxgvfb
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&ref=&_it=amazon&partner_id=479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe6ba404e732f03aad5d04a13232066a09edf31c70804c9f7b4f17f9b8c0efa

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://m.sendspace.com
cache-control: public,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
cf-ray: 7b0379474d75373b-FRA
content-length: 47

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 177ms
113ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=m.sendspace.com&url=https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://m.sendspace.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7b0379467c7f373b-FRA
content-length: 0
content-type: application/json
date: Thu, 30 Mar 2023 21:33:55 GMT
debug: OPTIONS block
expires: Fri, 29 Mar 2024 21:33:55 GMT
server: cloudflare

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
350 B 326ms
114ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bBFK5uF5Wr7yoerkHcnlKl
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: e33818ec56bd78b240e57478b0b81c9c8c22f96e32fc9614122f4a504f3cbec0

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://m.sendspace.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST img.fetch
udmserve.net/udm/ 0
0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 711 B
1 KB 136ms
47ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&PageUrl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&PageReferrer=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

147bcdecee9aa09ceeb32409769c2c10015ba5f359255d712c6f31519bcc04e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 711
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
184 B 124ms
61ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.sendspace.com
date: Thu, 30 Mar 2023 21:33:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 37
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
829 B 99ms
24ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:33:55 GMT
AN-X-Request-Uuid: 412555c8-d366-4033-b373-e7a09c18d0d0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://m.sendspace.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
950 B 142ms
75ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1926f7ddf5421a6be1a8a54671bf7527d8b924aa0a6c7575276a11abddf37be4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:33:55 GMT
AN-X-Request-Uuid: 0d450d48-fdf2-4137-bdcd-45db2b8c5362
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://m.sendspace.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
325 B 79ms
27ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.sendspace.com
date: Thu, 30 Mar 2023 21:33:54 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 310ms
116ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bBFK5uF5Wr7yoerkHcnlKl
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 24011bdce04002f4dfddeb07f582d00600aa5a407b2b4b20ff5623407511ea20

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://m.sendspace.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST img.fetch
udmserve.net/udm/ 0
0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 714 B
766 B 193ms
126ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

84a7ef0eb5bc06e9a89adfc01947c0d11b7181798723dde655439c42e5a624b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 95
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 714
expires: 0

POST
H/1.1 200 1262.json Show response
id5-sync.com/g/v2/ 216 B
625 B 85ms
28ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1262.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

30e9254ced53254a591890aef6cfa52bd0abdbebad35b349e33c6bf4eb957a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.sendspace.com
date: Thu, 30 Mar 2023 21:33:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 158ms
68ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

398d92810681f544ac0f9f02fa035aadf870ed92721757305142b9b0fa9074eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11189
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2017ms
1954ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 21:33:57 GMT

GET
H2 200 479 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 102ms
28ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/479?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&ref=&_it=amazon&partner_id=479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82a26a74556f094b346f81021fc3dd05909811b43f05d747e22cb9fcbb80e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 21:31:59 GMT
server: cloudflare
age: 116
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7b037948996c3636-FRA

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 89ms
19ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Mar 2023 21:33:55 GMT
x-content-type-options: nosniff
content-encoding: br
age: 30844
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-hhn-etou8220030-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 27ms
26ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 13:19:47 GMT
server: cloudflare
x-amz-request-id: K7G0NZ1YNTTBP3NV
age: 1969
etag: W/"c248fe2e1769ec0b3fd66c9a48efe1d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b0379484bf19bef-FRA
x-amz-id-2: TZ6mYZxPPj1RIz1F8rOp2MLkN25ttVaWFiLLKiZEzV51eTDYrXafg6P6O5gEqvYLNKN4hcgbMbY=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 99ms
25ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:40:27 GMT
via: 1.1 google
age: 3208
x-guploader-uploadid: ADPycdtRbjj0M9CFg_rvUTVAaDY-2CU1HJW_E0I1KX2XOMzF1JYQ1St1A9pUyGbsajpvtA3hXnKrG2PHqzEonaiUDQ3Qig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Thu, 30 Mar 2023 21:40:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
12 KB 79ms
20ms Script
text/javascript 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:55:10 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45526
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: pbXhgn1Sb10Fw3KYHUhZ9UJo-fmYn8H8_Ka_NBs7JhyS5614UdgJig==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 95ms
22ms Script
text/javascript 2600:9000:2250:1a00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1a00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 04:34:34 GMT
Via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 61161
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: litRCrjFo9P6Q7yvCFnBkpvRGJnE0JlffNpIPiv_A-wD_we_RtciFw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 79ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:10:35 GMT
content-encoding: gzip
age: 1268600
x-guploader-uploadid: ADPycdsRdNetRtDsJgQiW3jYUzNf--RNUpFn-nwKEqicmnAPK9Kxkrw33U8-Nf4bE3OVkYOkM3hRKPoN1ickSNTXQUfbEEpP_Dou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 15 Mar 2024 05:10:35 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 411ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 31 Mar 2023 21:33:56 GMT

GET
H2 200 container.html Show response
2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 524E 6 KB
3 KB 21ms
18ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:55 GMT
expires: Fri, 29 Mar 2024 21:33:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 67ms
22ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.sendspace.com
date: Thu, 30 Mar 2023 21:33:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 524E 0
0 69ms
65ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_gJVQwAmZLyfIYiN7_UP28q68AHukrWTXL-ihcfkBcCNtwEQASAAYJUCggEXY2EtcHViLTg1NzMzMjU5NDAxNTI2OTTIAQngAgCoAwGqBPcBT9DUAJizbz63E09fOf_08Cz6078JbQElAEltMSQNrQvCntRqVnTW0q2Sq4ejSphAaxw_9crYIr4mdCmPmOpzbucFghClK-rsygkk8IpWEK6oU533FNerOB_sgZOOs6-eSt1oUuOACp3D1NpdA8gLo3Imyqsdb0s7i79J3jBoSsDiKc5E0S22yEmPpgcchQ8EpYuPrhwSbGq8nYzXsidm4UeO6FlOH7Ea90g8FK-XgAU5z41d8s_CkQR5Wa0W4CrhceQjzRf2FaMr9Xn5h-Dv6MJuegNg8t0wti8rBhz2q3BpEfMWoeKhnBsuJy6jpgdUjG4XB88JrOAEAYAG7IX6moSm9cVUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NTczMzI1OTQwMTUyNjk0GK6LIg&sigh=OnWWXungIE8&uach_m=[UACH]&cid=CAQSSwDUE5ym-uzm3WEmye94ggfRG7YzJsfKo2b3qWpL8SMRdH6_pjzrebW8WPoamRXT2FQTKaIxqZPUZ7LVnqkbdV1A09xepJHRdxfJwBgB
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 524E 15 KB
5 KB 84ms
19ms Script
application/javascript 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=Adnimation_RON_HDX_OB&tid=209297
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: /
Resource Hash: 4dca83fa98ef86edc7e8ab6d58ceb3a32bcbee7cbf580159de92e03549a6f0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:30:46 GMT
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 190
etag: "a4bbaea693cbead138e054c2c73076e3b3a2045f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-length: 4853
x-amz-cf-id: L7fPZP8XoMBopvxLzC2Aex7hGulI0u23H4RfTfo6_1fJaZBphAOzqg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 524E 3 KB
1 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 524E 20 KB
8 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 524E 24 KB
7 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 09:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Mar 2024 09:36:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 524E 158 KB
49 KB 82ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 524E 37 B
221 B 97ms
20ms Image
image/gif 52.57.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZCYAQwAIT7wIu8aIAA6lW6jMMZ3qKAhPxua64A&ts=1680212035&aid=42113603109083570523630&ec=5563_66529_OADD2.7353032167662_1LELJ0EWS3K4U3QBA6&n=GqkCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD0zZDljYjMwNi05M2EwLTRhMGEtOGZiZi05OWFlMTU1YTJlMGImb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPTNkOWNiMzA2LTkzYTAtNGEwYS04ZmJmLTk5YWUxNTVhMmUwYiZydHlwZT1udXJsJnRhZ0lkPTM5NTU0MCZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPWVyZnJlaXImYWlkPTQyMTEzNjAzMTA5MDgzNTcwNTIzNjMwJndwPTAuMDM58gLeAQgAEhc0MjExMzYwMzEwOTA4MzU3MDUyMzYzMBgAIAEouysw4YcEQAFIAFABYBJoCnA7kAEAmAEAqAH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BuAEUwAEdyAEn8AGR4wz4ASeAAh2RAgAAAAAAAPA%2FmQIAAAAAAADQP6gCALACAMgCAtgCAPECZmZmZmZm5j%2F4AqU7kAMAmAMAoAMAuAP5kb4ByAMA0gMmT0FERDIuNzM1MzAzMjE2NzY2Ml8xTEVMSjBFV1MzSzRVM1FCQTbgA7zOpT7pAwAAAAAAAAAA8AMn%2BQMAAAAAAAAAAPgCBYgDAZIDBDk4OTWYAwCgA5SSGKgDAA%3D%3D
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.32.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-32-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 524E 37 B
140 B 79ms
20ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=42113603109083570523630
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 139ms
44ms XHR
application/json 52.18.27.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.27.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-27-55.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5b00c7fcc7bd867c25b1e2444f5fdbe290aa238a32fc5e72d4b34b99435783e7

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache
x-server: 10.45.6.188
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&rid=esp&cc=1

85 B
202 B

146ms
145ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0a6c2996c061d31ecf01e0e40586527e21337673711c268a70ff7c321091b88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Gpt8rGiuKCQMMbI1RtV0jxk9zK0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.sendspace.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 30 Mar 2023 21:33:56 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://m.sendspace.com
location: /esp?url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 42ms
41ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2345f606a54cf0b128ebe3c9d282c9a8b5cc2986b94f7b80a6b4ed7589fdf280

Request headers

Referer: https://m.sendspace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: c67478aa8a38a209e56aa8577a2feb80
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 97ms
37ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://m.sendspace.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://m.sendspace.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 30 Mar 2023 21:33:56 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 1eb113d909dbdf9ae482d352dd108081

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/3ba058417c4164bfe62221be5bfb6293488cc226/dist/ Frame 524E 177 KB
57 KB 26ms
26ms Script
text/javascript 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/3ba058417c4164bfe62221be5bfb6293488cc226/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=Adnimation_RON_HDX_OB&tid=209297
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0be341224434803749c52a49deb6e0492cef6548b8557f6590eb95d5486a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:33:05 GMT
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 22:32:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 601252
etag: "508e99dc3d3549f42d9c04400060a573"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 57812
x-amz-cf-id: NhjZBmLpN9EQs3t74Kw1Hf-L4Z7TCgcT7aoaVgzm0PxwwIrKOU0OHg==

GET
DATA 200
OK truncated
/ Frame 524E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f45cd14f25d50c12de4778b7d8ca1b3adfe84d92ed64469923be57dbbe61746

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 524E 37 B
220 B 22ms
20ms Image
image/gif 52.57.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZCYAQwAIT7wIu8aIAA6lW6jMMZ3qKAhPxua64A&ts=1680212035&aid=42113603109083570523630&ec=5563_66529_OADD2.7353032167662_1LELJ0EWS3K4U3QBA6&n=GqkCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD0zZDljYjMwNi05M2EwLTRhMGEtOGZiZi05OWFlMTU1YTJlMGImb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPTNkOWNiMzA2LTkzYTAtNGEwYS04ZmJmLTk5YWUxNTVhMmUwYiZydHlwZT1udXJsJnRhZ0lkPTM5NTU0MCZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPWVyZnJlaXImYWlkPTQyMTEzNjAzMTA5MDgzNTcwNTIzNjMwJndwPTAuMDM58gLeAQgAEhc0MjExMzYwMzEwOTA4MzU3MDUyMzYzMBgAIAEouysw4YcEQAFIAFABYBJoCnA7kAEAmAEAqAH%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F8BuAEUwAEdyAEn8AGR4wz4ASeAAh2RAgAAAAAAAPA%2FmQIAAAAAAADQP6gCALACAMgCAtgCAPECZmZmZmZm5j%2F4AqU7kAMAmAMAoAMAuAP5kb4ByAMA0gMmT0FERDIuNzM1MzAzMjE2NzY2Ml8xTEVMSjBFV1MzSzRVM1FCQTbgA7zOpT7pAwAAAAAAAAAA8AMn%2BQMAAAAAAAAAAPgCBYgDAZIDBDk4OTWYAwCgA5SSGKgDAA%3D%3D&b=1
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.32.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-32-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 524E 37 B
139 B 23ms
22ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Adnimation_RON_HDX_OB&aid=42113603109083570523630&rev=3ba0584&pr=can%27t%2520access%2520top%2520document&bc=0.039&bmid=5563&biid=7589&sid=66529&brid=59&adid=&crid=130639676&ts=1680212035&bcud=39&ss=5&caid=0&unid=0&domain=2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com&ref=https%253A%252F%252Fm.sendspace.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=209297&cb=17550
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 524E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=3ae649de-8976-43e1-a38f-57ac9c1a7958&oAdUnit=11730374&publisherId=250152235&rId=3d9cb306-93a0-4a0a-8fbf-99ae155a2e0b&rlink=https%...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=46ef3ad7b01f450e9a6fd46f8fa16f17&SNR=1&GV=2&med=10

0
243 B

46ms
46ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=46ef3ad7b01f450e9a6fd46f8fa16f17&SNR=1&GV=2&med=10
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48A623DD8C54418F9622CF251F671094 Ref B: FRA31EDGE0122 Ref C: 2023-03-30T21:33:56Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 30 Mar 2023 21:33:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8367059E9270416592530F8749A3EC95 Ref B: FRA31EDGE0122 Ref C: 2023-03-30T21:33:56Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=46ef3ad7b01f450e9a6fd46f8fa16f17&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 524E 3 KB
3 KB 90ms
22ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7353032167662_1LELJ0EWS3K4U3QBA6&pid=21.2&c=17&roil=0.1667&roit=0&roir=0.8333&roib=1&w=100&h=100&dynsize=1
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6681b09b65ce020ff3347214c1b18bcc22bef28d456246d9aedbcabcecc39d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:55 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67BB74471D7240D4BF781BB8CBFE3CDA Ref B: FRA31EDGE0122 Ref C: 2023-03-30T21:33:56Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache: TCP_HIT
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 2980

GET
DATA 200
OK truncated
/ Frame 524E 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 blank
img.3lift.com/ Frame 524E 285 B
592 B 86ms
19ms Image
image/png 18.66.122.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=100&height=100
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-67.fra60.r.cloudfront.net
Software: /
Resource Hash: f9690de909a98fc7907986b82315f554167943448572f4a29473a84ee004bfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 12:30:34 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Thu, 30 Mar 2023 12:30:34 GMT
x-amz-cf-pop: FRA60-P2
age: 32602
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 285
x-amz-cf-id: emO_st0hVSfdiTzg7a6v27_eK9apDDKRDIJ5u5ocT9ArmyxLKATVRA==

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 524E 3 KB
3 KB 21ms
19ms Image
image/png 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:34:47 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 572350
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: X2mieB2l0Y1YhUrxzHy4pY8tw-YawuFoMYX7yTeTa1S5MjkAtLYi3Q==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 524E 3 KB
4 KB 22ms
21ms Image
image/png 18.66.112.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 08:25:44 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 392893
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: _WV1SBKZe2fOxtecA-3GKr_BU7Glpk13ycWmwxvGnRdI3YNopDsG_A==

GET
H2 200 ctar
eb2.3lift.com/ Frame 524E 37 B
139 B 24ms
23ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Adnimation_RON_HDX_OB&aid=42113603109083570523630&rev=3ba0584&cta_render_method=2&cta_render_text=Learn%20more&cb=21098
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 PDF.png
m.sendspace.com/img/file_icons/ 21 KB
22 KB 394ms
394ms Image
image/png 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.sendspace.com/img/file_icons/PDF.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9819257202253aa7b13741dc171e0c1e51fef7933e18ce12ef32053e5eb604a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/file/jxgvfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Dec 2018 14:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c26324e-549b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeVeSSzzPCMPyicCKfcCE97PwHr70D13HDY8Ic7b1B63wF1eLKZZfEXrbXjHroL4at1CIXYFxg3vA0cLa7kCvfLc%2FOo9s9mDGrYJ5p3jq8ZO4g%2BjygJ6QJOoVvF0O3FN7nbiKi5EAFPktjgDbso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b03794a6991373a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21659

GET
H3 200 ints Show response
m.sendspace.com/ Frame 9604 303 B
619 B 142ms
141ms Document
text/html 2606:4700:e2::ac40:8d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.sendspace.com/ints
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/js/jquery-1.11.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983a9c58c70bfe5b468eac64d886af4a25b216f492798df7627481c40ab5551b

Request headers

Referer: https://m.sendspace.com/file/jxgvfb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b03794a89ba373a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 21:33:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgzYFH%2FiBVbWQZSefB%2FEx1%2Bqanu6CW5jnUKK%2FNhM3lLKvqkgNn%2FErgEMsgQozj0ClIOof2uLqOKz2xHLTx5qFXTymDGgTIMJJd2GLYsJqiEuA9EBqnH5qTpk9x1RraYfgYS01bQgAlOXuRnPGpo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 524E 2 KB
962 B 79ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/3ba058417c4164bfe62221be5bfb6293488cc226/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eeafa1744f02c6d3e311a4c2d0372b711b79b9b66fc66aa027b496b8d1a235c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 524E 3 KB
716 B 104ms
52ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/3ba058417c4164bfe62221be5bfb6293488cc226/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:14:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2 200 sce
eb2.3lift.com/ Frame 524E 37 B
139 B 25ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2F2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&lvl=3&inv_code=Adnimation_RON_HDX_OB&e=Not%20in%20friendly%20iframe
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 aop
eb2.3lift.com/ Frame 524E 37 B
139 B 24ms
23ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Adnimation_RON_HDX_OB&aid=42113603109083570523630&rev=3ba0584&pr=can%27t%2520access%2520top%2520document&bc=0.039&bmid=5563&biid=7589&sid=66529&brid=59&adid=&crid=130639676&ts=1680212035&bcud=39&ss=5&caid=0&unid=0&domain=2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com&ref=https%253A%252F%252Fm.sendspace.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=209297&cb=86028
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ Frame 524E 37 B
139 B 22ms
21ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Adnimation_RON_HDX_OB&aid=42113603109083570523630&rev=3ba0584&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=70796
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev1
eb2.3lift.com/ Frame 524E 37 B
139 B 21ms
21ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=Adnimation_RON_HDX_OB&aid=42113603109083570523630&rev=3ba0584&pr=ZCYAQwAIT7wIu8aIAA6lW6jMMZ3qKAhPxua64A&bc=0.039&bmid=5563&biid=7589&sid=66529&brid=59&adid=&crid=130639676&ts=1680212035&bcud=39&ss=5&caid=0&unid=0&cepos=0&ceid=-1&cb=70206
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 42DE 15 KB
6 KB 131ms
37ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=m.sendspace.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 673171
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 37ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.sendspace.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 32ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.sendspace.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
44 KB 435ms
434ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3322605976018196&correlator=1634686938672263&eid=31073462%2C31073490%2C31068366&output=ldjh&gdfp_req=1&vrg=2023032801&ptt=17&impl=fif&iu_parts=339474670%3A22859693164%2CSendSpace%2CSendSpace_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=3221100519&didk=1029441114&sfv=1-0-40&ists=1&fas=8&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D1001b14160f9e2f6%3AT%3D1680212035%3AS%3DALNI_MYoIHQdNS5mjCeUOYaYeROyOzY29g&gpic=UID%3D00000bcee498114d%3AT%3D1680212035%3ART%3D1680212035%3AS%3DALNI_MZXqp0C2ES-P99juhAKUUYG_cG96A&abxe=1&dt=1680212036355&lmt=1680212036&dlt=1680212034696&idt=674&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=902921447.1680212035&ga_sid=1680212035&ga_hid=1544816142&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYn5LEo_MwSABSAghkEhkKCnB1YmNpZC5vcmcYs5PEo_MwSABSAghqEtYBCghydGJob3VzZRLAAVV2eWVtbXdtSklOV3A5RmdBWWhxRkpRc0VoWlZ0SkROVDhCQTQ4R2ZXRUkva1gxL05nYm44TXpwczRXNHZKV3pIY3Zvek5DbXNNNVRNTVpvbkZJSVNQOU9XYWxrRlROc1ErelhyM2ZiRnh1Y2FYMnJlcFhrRTZTL2lWQUxZZFUrNEdUbDJSSmdmVWpoeHhhRlBDVDRiQm1uV2lZMmNucHdwYW5yVkdvcWZnd3BlL29jUzRDZTdTU01Gak9EcGt6axjQlMSj8zBIABIdCg5lc3AuY3JpdGVvLmNvbRigksSj8zBIAFICCGQSGQoKdWlkYXBpLmNvbRigksSj8zBIAFICCGQSFAoFb3BlbngYoJLEo_MwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi3k8Sj8zBIAFICCGo.&cbidsp=CqECCAEyC3Y3LjM5LjAtcHJlEhkKCGFwcG5leHVzUghhcHBuZXh1cxCRASACEg4KA2FteFIDYW14EFIgAhIZCggzM2Fjcm9zc1IIMzNhY3Jvc3MQvgIgAhIjCg11bmRlcmRvZ21lZGlhUg11bmRlcmRvZ21lZGlhEN4FIAISGwoJYWR5b3VsaWtlUglhZHlvdWxpa2UQygEgAhIbCglhZHlvdWxpa2VSCWFkeW91bGlrZRDKASACEhsKCWFkeW91bGlrZVIJYWR5b3VsaWtlEMoBIAISGwoJYWR5b3VsaWtlUglhZHlvdWxpa2UQygEgAhgBIiQzN2VhYzNjMC0zNWMzLTRhM2MtYTg4My0xMmM3NWU3YjMyMmEqBAgDIABKAECUCg..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b3899f1618a87ea8d58b208d8e1176777e585f5f2d28fb5fd65dda7c6f6f6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45180
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2023032801.js Show response
securepubads.g.doubleclick.net/gpt/ 33 KB
12 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023032801.js?cb=31073490

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f0bc0508dc66e79a112d2c1e561589c8dab4bf3fbc2052fa0e668a7a483d8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12378
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:36:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Mar 2024 14:40:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 524E 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 46574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:42 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 72A5 0
176 B 89ms
28ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 30 Mar 2023 21:33:56 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET /
t.mdn2015x4.com/build/bbf99f7e/v1/ Frame 9604 0
0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 524E 16 KB
16 KB 56ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 46576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:40 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 08FE 37 B
139 B 21ms
21ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=56599
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/3ba058417c4164bfe62221be5bfb6293488cc226/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 42DE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sendspace.com&sn=ChromeSyncframe&so=0&topUrl=m.sendspace.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=X8bxTXxvWEdpdUFPWDhYVFRHYVZNZjhrNXJsT2R1eXdJVTJVQm9ZSC9RbW9QcWhSeDhJMWk0a1Z6VisyNTZaUVo0aUwwMy91V0FlZlRVbXYraW51V0R3ckNVSldZM21uTzRTd0RjQnRYSnVIWS9paUh0U2IvaGhISkZleX...

433 B
652 B

255ms
32ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=X8bxTXxvWEdpdUFPWDhYVFRHYVZNZjhrNXJsT2R1eXdJVTJVQm9ZSC9RbW9QcWhSeDhJMWk0a1Z6VisyNTZaUVo0aUwwMy91V0FlZlRVbXYraW51V0R3ckNVSldZM21uTzRTd0RjQnRYSnVIWS9paUh0U2IvaGhISkZleXNmNURTcEpOU3hzenBPUGVsdlQ5eUM4MkxKNDZKd3RCbUVya1RnTERBbFcvTllBQzBGbW9TZ0JhQXJJL24vK3JseUpKYlpPT0dXQ2x4dXRhZnBTbkJxdXlKazZIa2dlSmpkdFJlY1lNYUtORUlTVEVGTDBnU0tZN0hReE9JOTdtazBuY3U4SVhuUUkyY0daNmpiNUNaU0JRSVRHamI1aVJmbXhvVzJEYW9HRlZueW5DRE1kOD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

39d3553db08c4222b4f4c37f89c9509f3c8886a8b39fa47d0ecf7497740c719d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3078157
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=X8bxTXxvWEdpdUFPWDhYVFRHYVZNZjhrNXJsT2R1eXdJVTJVQm9ZSC9RbW9QcWhSeDhJMWk0a1Z6VisyNTZaUVo0aUwwMy91V0FlZlRVbXYraW51V0R3ckNVSldZM21uTzRTd0RjQnRYSnVIWS9paUh0U2IvaGhISkZleXNmNURTcEpOU3hzenBPUGVsdlQ5eUM4MkxKNDZKd3RCbUVya1RnTERBbFcvTllBQzBGbW9TZ0JhQXJJL24vK3JseUpKYlpPT0dXQ2x4dXRhZnBTbkJxdXlKazZIa2dlSmpkdFJlY1lNYUtORUlTVEVGTDBnU0tZN0hReE9JOTdtazBuY3U4SVhuUUkyY0daNmpiNUNaU0JRSVRHamI1aVJmbXhvVzJEYW9HRlZueW5DRE1kOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 371071
content-length: 0
expires: 0

GET
H3 200 container.html Show response
2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90B7 6 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js?cb=31073490

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:55 GMT
expires: Fri, 29 Mar 2024 21:33:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 90B7 4 KB
709 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 21:22:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 135D 8 KB
968 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 20:11:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 135D 2 KB
823 B 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 135D 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 135D 3 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 135D 20 KB
8 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:31:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 135D 0
0 84ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLWc3X3Zleib7YhjlNP6G_DSGYXrdk-PQY1tdcLPewPOygKUAa7_gqnAtCgkm0NztDGHgLe4caztCdCQ_FGZxkcOzKDw
Requested by: Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 135D 158 KB
49 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Mar 2023 21:33:56 GMT

GET
H2 200 572670f91facfac87fddb213925da9fc.js Show response
www.gstatic.com/mysidia/ Frame 135D 34 KB
15 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/572670f91facfac87fddb213925da9fc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14438
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 20:56:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:50:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame 90B7 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:39:38 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 90B7 205 B
519 B 70ms
26ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 02:01:33 GMT
x-content-type-options: nosniff
age: 70343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Mar 2024 02:01:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 90B7 604 B
696 B 71ms
27ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 15:38:44 GMT
x-content-type-options: nosniff
age: 21312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Mar 2024 15:38:44 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEA5 143 B
383 B 71ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51D2 1 KB
643 B 63ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 09:37:27 GMT
etag: 48472445140208031
expires: Fri, 31 Mar 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 51D2 0
104 B 211ms
81ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF00MPzJ9k_5lM0Z2XllXM4&google_cver=1&google_push=Aer7DvLbJ9ZBmgMOZPVbURZtN_YPc7sEMCvUCV__8G0_Yb7kO4rg16ziTAZFFuUzAALsFmsLNvxfm0gsp2cVQa4a3mAb8ptsPtXKC6RH
Requested by: Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 51D2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGC9tqvJB9zOGea7kVpxSls&google_cver=1&google_push=Aer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbs...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGC9tqvJB9zOGea7kVpxSls&google_cver=1&google_push=Aer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEV...

43 B
417 B

206ms
196ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGC9tqvJB9zOGea7kVpxSls&google_cver=1&google_push=Aer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b037950fd0a9104-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 36
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGC9tqvJB9zOGea7kVpxSls&google_cver=1&google_push=Aer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKhzDhpZNy595PO6zf6_jLE86RXENASf6P0T3qwXyKRvBbD3Kshj_Ux1PUmWjdYPSoVcWlyuSgHT4uAz5tGcz-ib2p1LEVbsd99%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b03794f9ba89104-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 51D2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKIkVGMZsJTEb7tfv-PUVIE&google_cver=1&google_push=Aer7DvJNfbEo1pziKabURASIZ-YIXw6eBal0T4ghsdfGs4YMBOGzalSHZw7Bh08oyKa2sJRbPPmcv2a_mJBQPWO2ce8J-QbdUGJsTYT1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B9832542AC4CA8B1A89167E41F8F0E&google_push=Aer7DvJNfbEo1pziKabURASIZ-YIXw6eBal0T4ghsdfGs4YMBOGzalSHZw7Bh08oyKa2sJRbPPmcv2a_mJBQPWO...

170 B
329 B

29ms
28ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B9832542AC4CA8B1A89167E41F8F0E&google_push=Aer7DvJNfbEo1pziKabURASIZ-YIXw6eBal0T4ghsdfGs4YMBOGzalSHZw7Bh08oyKa2sJRbPPmcv2a_mJBQPWO2ce8J-QbdUGJsTYT1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 30 Mar 2023 21:33:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2B9832542AC4CA8B1A89167E41F8F0E&google_push=Aer7DvJNfbEo1pziKabURASIZ-YIXw6eBal0T4ghsdfGs4YMBOGzalSHZw7Bh08oyKa2sJRbPPmcv2a_mJBQPWO2ce8J-QbdUGJsTYT1
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 29 Mar 2023 21:33:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51D2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELJXZmEFY8D0bVGRZzZaIhQ&google_cver=1&google_push=Aer7DvI6eq8CxtGRXJSjk2SC7UmJW9XO6ocHtMo0vOVlb9bmTwbJejKQIBUucAjq035Z6hydD9_fCFJ2IBaZJXVVR-jhZci...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI6eq8CxtGRXJSjk2SC7UmJW9XO6ocHtMo0vOVlb9bmTwbJejKQIBUucAjq035Z6hydD9_fCFJ2IBaZJXVVR-jhZci83phWOFlE&google_hm=eS14TnBObEFWRTJwRz...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI6eq8CxtGRXJSjk2SC7UmJW9XO6ocHtMo0vOVlb9bmTwbJejKQIBUucAjq035Z6hydD9_fCFJ2IBaZJXVVR-jhZci83phWOFlE&google_hm=eS14TnBObEFWRTJwRzU4MFlvdmdwdzJjYzNWM1J2ZjRRTn5B

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 30 Mar 2023 21:33:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvI6eq8CxtGRXJSjk2SC7UmJW9XO6ocHtMo0vOVlb9bmTwbJejKQIBUucAjq035Z6hydD9_fCFJ2IBaZJXVVR-jhZci83phWOFlE&google_hm=eS14TnBObEFWRTJwRzU4MFlvdmdwdzJjYzNWM1J2ZjRRTn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 51D2
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESELB9VT-9wGWVOLBIL3vZew4&c_param1=Aer7DvIcMQVxaTAN7ScWgobrRki207KQC_G7P_0F2MLXRSg3uCAtO3D28qqfJM4RNFrQW8HjrTyp9PBJbzLU_EW8mwM1pvk7KwtfFliV&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIcMQVxaTAN7ScWgobrRki207KQC_G7P_0F2MLXRSg3uCAtO3D28qqfJM4RNFrQW8HjrTyp9PBJbzLU_EW8mwM1pvk7KwtfFliV

170 B
232 B

29ms
29ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIcMQVxaTAN7ScWgobrRki207KQC_G7P_0F2MLXRSg3uCAtO3D28qqfJM4RNFrQW8HjrTyp9PBJbzLU_EW8mwM1pvk7KwtfFliV

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIcMQVxaTAN7ScWgobrRki207KQC_G7P_0F2MLXRSg3uCAtO3D28qqfJM4RNFrQW8HjrTyp9PBJbzLU_EW8mwM1pvk7KwtfFliV
date: Thu, 30 Mar 2023 21:33:57 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51D2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELaeW6Jt1lI5lEX4SOCMAIs&google_cver=1&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgvvV...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELaeW6Jt1lI5lEX4SOCMAIs&google_cver=1&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_b...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwODUzMjU3ODE5NDY5NzI5OQ&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgv...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwODUzMjU3ODE5NDY5NzI5OQ&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgvvVB-EkSrAfIELvkUXjnfuKRwY

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzgwODUzMjU3ODE5NDY5NzI5OQ&google_push=Aer7DvKmeq-AJPuD8_kDoMoUxUPeoSVJKUehJKLAApioabGS6ByLayzd-Z7igEajGHdtbclYK_bFgvvVB-EkSrAfIELvkUXjnfuKRwY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51D2
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECsh0Pl9bBVo_-JrQFh2e-c&google_cver=1&google_push=Aer7DvLK1HDyRlZmbowKICAdZLaOOCd_rSz13r5fo8VTzz328vwV1GorG...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLK1HDyRlZmbowKICAdZLaOOCd_rSz13r5fo8VTzz328vwV1GorG03FL4tYv9fk8gw72YuHieG2YXuBJR0nqlNdgTpbec-80BWEIw&google_hm=QlMuNDM3Yi1m...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLK1HDyRlZmbowKICAdZLaOOCd_rSz13r5fo8VTzz328vwV1GorG03FL4tYv9fk8gw72YuHieG2YXuBJR0nqlNdgTpbec-80BWEIw&google_hm=QlMuNDM3Yi1mMzM2LTRkMjktOWM5ZA==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvLK1HDyRlZmbowKICAdZLaOOCd_rSz13r5fo8VTzz328vwV1GorG03FL4tYv9fk8gw72YuHieG2YXuBJR0nqlNdgTpbec-80BWEIw&google_hm=QlMuNDM3Yi1mMzM2LTRkMjktOWM5ZA==
Date: Thu, 30 Mar 2023 21:33:57 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 51D2 0
130 B 92ms
27ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUn8J-P8E0VfXV3twMEq8lMlru8wfcPBCzoXV9wymqw1teE3GzWOd47kE-fBoNvpBO8XEDeA

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEA5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

31ms
30ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
URL: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:57 GMT
expires: Thu, 30 Mar 2023 21:33:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D87 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: m.sendspace.com
URL: https://m.sendspace.com/file/jxgvfb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:50:13 GMT

GET
H2 200 ev
eb2.3lift.com/ Frame 524E 37 B
139 B 27ms
26ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=Adnimation_RON_HDX_OB&aid=42113603109083570523630&rev=3ba0584&pr=ZCYAQwAIT7wIu8aIAA6lW6jMMZ3qKAhPxua64A&bc=0.039&bmid=5563&biid=7589&sid=66529&brid=59&adid=&crid=130639676&ts=1680212035&bcud=39&ss=5&caid=0&unid=0&cepos=0&ceid=-1&cb=30259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 524E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=3ae649de-8976-43e1-a38f-57ac9c1a7958&oAdUnit=11730374&publisherId=250152235&rId=3d9cb306-93a0-4a0a-8fbf-99ae155a2e0b&rlink=https%...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=46ef3ad7b01f450e9a6fd46f8fa16f17&tids=15000&med=10

0
186 B

45ms
44ms

Image
text/plain

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=46ef3ad7b01f450e9a6fd46f8fa16f17&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A05996CB6A044FD49E9C8C541E05F9FC Ref B: FRA31EDGE0122 Ref C: 2023-03-30T21:33:57Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 30 Mar 2023 21:33:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6263BB42FF814D19AA19CCB3CDFBC1B0 Ref B: FRA31EDGE0122 Ref C: 2023-03-30T21:33:57Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=46ef3ad7b01f450e9a6fd46f8fa16f17&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 524E 42 B
174 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvREDv5zeLgLb90lZeInGyoYHMHJOYUPAwOXQUAGyjm4LtClcvCxnnq0qEe4T_tavCXZAJ6LKQij0os53C8nEpoqcOM&sig=Cg0ArKJSzOmt8MJtrReZEAE&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=307293925&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680212035888&rpt=580&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF88 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 19:16:36 GMT
expires: Fri, 29 Mar 2024 19:16:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD72 783 B
536 B 32ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

163083fccf9df8ed6f6d4662b11dace033c05eb5b346f7639c21999cefa1f220

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oBX0h0wpIbzR3qGv1Ov8xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-oBX0h0wpIbzR3qGv1Ov8xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 21:33:57 GMT
expires: Thu, 30 Mar 2023 21:33:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js Show response
pagead2.googlesyndication.com/bg/ Frame BF88 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 17:50:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 17:50:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD72 0
0 54ms
53ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032801&jk=3322605976018196&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BF88 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-PtSgg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 21:33:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032801&jk=3322605976018196&bg=!u7iluOzNAAbEgrg45II7ADkAdvg8WqKJM9w15MXgVqlkYoPbSHQDO-BbJUTnDrHE_RbiJ2B8cT25JF74-CXiKjg8VXIWm4Xh-OQCAAAATFIAAAADaAEHmQK5fCXij8f134AqiEmgEN7BXyGSTbkNsLXx07IHVgP-U74KOK6vZCvnsffKD1QHcm1MkWhfrEiuJAzc1htncQu0X7XOr4EGWbLqFidO3583RYSb5A8bT3EcQ789J2m7KSQQY8YHgScJhNuhVSrsapHnfMfYghShCjHE7nO_uYKYQ6tdhXmrgDKUI-Q3z1Da7egwREaP-KraxeGEX82Q-ltw2z2uRcKuoeKVSJvJYWN6Ha-_-gtc7xF-kBCNKJt_vHf1lu5GDriHQuAyW8bDZJa9Xf-Fhfpocuqhla-QPj-yDMAk4qTLGelc2_bj4ExqEzqrJc3nzgKQtKN2V7jlOjSV6CgS6E9USN3DnPsY9fMabn74KegF8F-0VNje3P8Xb_MfqrcFXrZnogr-6Fg8W1s_KlTUYEIKpm9l_z4szDxKLHtgHqnVnG4VNAMtK5duRb5S84uU5m2gLYJ2EdFR6oLtoNwAtP-GmL4AZT0IyLbyh4ULAm1HzeCheK1YL6h3ZCLZ46q_wJDlXnANRwGa3aR_5XAw73VDUTHzjW6SeNkq_-kRKICiili5X-N3wZWz_ci22utEoXjmELme6u_pWPwdp18Sli3mDXX-oZgy5daa_j4DvAZGn2ior7c5F6vsTqqpJrBePikV0djedMoKoEWSlGT2sz-yWHEB4bnjnMx7SoCeDx1UevCjpxVUqBDccwy9e6qbHJiiEcP5_CR0jocXwzzHbaS1xQtDF2mpu1nNzhe3kxPDZcxn01Rm4b5YbuplSnEW7AFFm4Tgq2Ud6ow5sadc-m1YrbZl0r7yH1lvYcECEidYfgCMSbdAd-Fnk8VR911LwJqGTpz9u_5NiKsun85N6-T5AAcxYWTpncIgp3AnmPtZOS_BaR8EcJvGsD-TiaVaBsMYjxlrwzqINIuO6WArdtjU2M4Xdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fm.sendspace.com%2F&domain=m.sendspace.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=ITR3G3xnVUJLTGVtZmhlZDJzOThOTVNXOHcvdTFWK3gxaGV4N1BaNXc5VTFubnprak84M0RhbTFEc09rT3NMVzBGUkppVTBiVS92SkdFdVAvTVBWVVJBRk9pVTM5dGFubzV6WmtxeXJnN0Y4Wit0am5mT1hodURYV3NoRU...

426 B
693 B

31ms
30ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ITR3G3xnVUJLTGVtZmhlZDJzOThOTVNXOHcvdTFWK3gxaGV4N1BaNXc5VTFubnprak84M0RhbTFEc09rT3NMVzBGUkppVTBiVS92SkdFdVAvTVBWVVJBRk9pVTM5dGFubzV6WmtxeXJnN0Y4Wit0am5mT1hodURYV3NoRUxZNVVkZFdtR3RjajIxVUw3Qk9qWWdlU2JidnY2MEk5NklCN3QzOStpcGV2VU5yeERSZXQ1WVhUU1p2NCs2RXJSbEFhbUs1MGwzQ1VIa3oyNXk3eTAwZHlCY1dFNVY2ODFnZUNRZWFaNGJmcUxOODRnWU5sL0pvS1lvMTZKdVNhQlRyYnQrcG1EbHVmT3FteWQzQmdEOEIwWnVySWo1WW5tVTN4ODJ2dTUwQjYyb1hBU2puRT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bf150ea0003cf546a091f1422f008a0fd7fff0eac49cbdac1e317ab79fab462e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1752024
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=ITR3G3xnVUJLTGVtZmhlZDJzOThOTVNXOHcvdTFWK3gxaGV4N1BaNXc5VTFubnprak84M0RhbTFEc09rT3NMVzBGUkppVTBiVS92SkdFdVAvTVBWVVJBRk9pVTM5dGFubzV6WmtxeXJnN0Y4Wit0am5mT1hodURYV3NoRUxZNVVkZFdtR3RjajIxVUw3Qk9qWWdlU2JidnY2MEk5NklCN3QzOStpcGV2VU5yeERSZXQ1WVhUU1p2NCs2RXJSbEFhbUs1MGwzQ1VIa3oyNXk3eTAwZHlCY1dFNVY2ODFnZUNRZWFaNGJmcUxOODRnWU5sL0pvS1lvMTZKdVNhQlRyYnQrcG1EbHVmT3FteWQzQmdEOEIwWnVySWo1WW5tVTN4ODJ2dTUwQjYyb1hBU2puRT18&cppv=2
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 353784
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 99ms
33ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fm.sendspace.com%2F&domain=m.sendspace.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://m.sendspace.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 30 Mar 2023 21:33:58 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 299290
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 08CD 0
0 412ms
120ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bBFK5uF5Wr7yoerkHcnlKl&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP008 /
Resource Hash

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Mar 2023 21:33:59 GMT
server: 33XP008
x-33x-status: 2000208

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 88C2 52 KB
17 KB 93ms
20ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 30 Mar 2023 21:33:59 GMT
ETag: "623de86a-cf34"
Expires: Fri, 31 Mar 2023 21:34:01 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6A5C 52 KB
17 KB 92ms
21ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://m.sendspace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 30 Mar 2023 21:33:59 GMT
ETag: "623de86a-cf34"
Expires: Fri, 31 Mar 2023 21:34:01 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 88C2
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
935 B

30ms
29ms

Script
text/html

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:33:59 GMT
AN-X-Request-Uuid: 038c0ae3-be5f-460d-a847-0c3767863cfc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:33:59 GMT
AN-X-Request-Uuid: c29ef21f-e5c4-4abf-bb85-23c29160b9ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 6A5C
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
935 B

24ms
24ms

Script
text/html

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:33:59 GMT
AN-X-Request-Uuid: 6fbe789f-25ff-47a1-b61c-52a089e571a1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:33:59 GMT
AN-X-Request-Uuid: 16abc196-ac71-4bf4-ba9a-5597b0a80a47
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 96ms
32ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 30 Mar 2023 21:33:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 297214
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M59HEE6XTT&gtm=45je33r0&_p=1544816142&cid=902921447.1680212035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680212034&sct=1&seg=0&dl=https%3A%2F%2Fm.sendspace.com%2Ffile%2Fjxgvfb&dt=Sendspace%20Mobile%20-%20File&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M59HEE6XTT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.sendspace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 21:33:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.sendspace.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 88C2 0
863 B 20ms
20ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:34:00 GMT
AN-X-Request-Uuid: 6533b285-e349-4cdd-a822-b32aaa913724
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6A5C 0
863 B 25ms
25ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 21:34:00 GMT
AN-X-Request-Uuid: acfa0290-566b-4f36-8d19-e266c04cdd74
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: udmserve.net
URL: https://udmserve.net/udm/img.fetch

Domain: udmserve.net
URL: https://udmserve.net/udm/img.fetch

Domain: t.mdn2015x4.com
URL: https://t.mdn2015x4.com/build/bbf99f7e/v1/

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sendspace.com/	1970-01-20 20:19:32	Name: _ga_M59HEE6XTT Value: GS1.1.1680212034.1.0.1680212034.0.0.0
.sendspace.com/	1970-01-20 20:19:32	Name: _ga Value: GA1.2.902921447.1680212035
.sendspace.com/	1970-01-20 10:44:58	Name: _gid Value: GA1.2.2013482263.1680212035
.sendspace.com/	1970-01-20 10:43:32	Name: _gat Value: 1
m.sendspace.com/	1970-01-20 11:26:44	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sendspace.com/	1970-01-20 10:43:33	Name: __cf_bm Value: JSmQuXBRswYt86ShtRDBFYHSfSxnMl4QZw8gFWNI7yM-1680212035-0-AWH+f0HfVP/w2393VtNjdjeOxM0iPZi/3rZxelOo+UnyOKHysJixVVkSa8J03NWqfm56CZqvki717h+XZaGZP6TFUVgDnLOgCs7Ry0N1wrVbeVTFnVHFvyzXmQGx7EL9dA==
.sendspace.com/	1970-01-20 10:43:32	Name: _gat_gtag_UA_249368521_23 Value: 1
.prebid.a-mo.net/	1970-01-20 19:29:08	Name: __amc Value: 1_1680212035_1680212035
.sendspace.com/	1970-01-20 20:05:08	Name: __gads Value: ID=1001b14160f9e2f6:T=1680212035:S=ALNI_MYoIHQdNS5mjCeUOYaYeROyOzY29g
.sendspace.com/	1970-01-20 20:05:08	Name: __gpi Value: UID=00000bcee498114d:T=1680212035:RT=1680212035:S=ALNI_MZXqp0C2ES-P99juhAKUUYG_cG96A
.doubleclick.net/	1970-01-20 20:05:08	Name: IDE Value: AHWqTUnEJb326UU7Waudq4XzJ2dE9ZyixypPLKCQIY1208Ut7JLtbnRm0chdFD3u21o
.openx.net/	1970-01-20 19:29:08	Name: i Value: c335faa1-bc98-4ae1-aee1-8b6a81f4a4f6\|1680212036
.bing.com/	1970-01-20 20:05:08	Name: MUID Value: 2CC5EECC9E3062781030FC289F9C6350
.udmserve.net/	1970-01-20 19:29:08	Name: udmts Value: 1680212036.0
.udmserve.net/	1970-01-20 19:29:08	Name: dt Value: FBDBCD57-0C72-388A-991B-D2656A98F9D4
.criteo.com/	1970-01-20 20:05:08	Name: uid Value: f95d428d-3176-4ab7-8990-14326baa9ee4
.doubleclick.net/	1970-01-20 10:43:35	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 19:30:34	Name: suid Value: D2B9832542AC4CA8B1A89167E41F8F0E
.uuidksinc.net/	1970-01-20 19:29:08	Name: jcsuuid Value: sVwR6Tok1t23L52lWU9G
.adform.net/	1970-01-20 11:28:10	Name: C Value: 1
.adform.net/	1970-01-20 12:09:56	Name: uid Value: 3808532578194697299
.yahoo.com/	1970-01-20 19:29:29	Name: A3 Value: d=AQABBEUAJmQCEKZv1znsRKyTGR-DWw2WP6YFEgEBAQFRJ2QvZAAAAAAA_eMAAA&S=AQAAAsjilTezhfSpQEtjEDr8_P0
.tribalfusion.com/	1970-01-20 12:53:08	Name: ANON_ID Value: aEnseFRZdySbAIUMnYFxobYZds3lrk7gJPyr4TjrTpVeoKbZbydrEDtoxofYSD3IRVrhTF53ZdU2WOTYYKBgiH5A
.adnxs.com/	1970-01-20 12:53:08	Name: uuid2 Value: 5134428135949561289
.sendspace.com/	1970-01-20 20:05:08	Name: cto_bundle Value: 2zb_EV9oTSUyRmliNE1VcFdRYlpybG0zY0FNRmZRJTJCYlBsMCUyQnYxaEhYZHV1UW5GSnlKQmNDWUNCb2dhSnFZSWxiblklMkJQZGU3NTVpSmVNSXFMWXB5azhueTVCclZlcEpBbTZIVGQ2dkpyYU1SRzJzWWdtcWdPNHVacGxzcXZ1d3Zka1ZsWkk2YmNSQyUyQmdBUTR2dmREcWF5eXkwZTB3JTNEJTNE
.sendspace.com/	1970-01-20 20:05:08	Name: cto_bidid Value: 4NkWt184NE1vSWFSNm9HJTJCRkxmdkNlcVkyWVM3akpXNFJZeWwlMkJ2ejZXOThtRUJheFM5cFZPUnVlbUdEUG5SUVpibk5Cc0ZoTUEzQXBoNVUyRFZJMUFYOVFzb1hYYjNISSUyRkxmNVNOMUFMTkh2a1RuQSUzRA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://m.sendspace.com/file/jxgvfb Message: Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch' from origin 'https://m.sendspace.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://udmserve.net/udm/img.fetch Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://m.sendspace.com/file/jxgvfb Message: Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch' from origin 'https://m.sendspace.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://udmserve.net/udm/img.fetch Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://t.mdn2015x4.com/build/bbf99f7e/v1/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2660da188164600ccff5dfa46e5bdeb4.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
aax.amazon-adsystem.com
acdn.adnxs.com
adncdnend.azureedge.net
adservice.google.com
adservice.google.de
api.sendspace.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.adform.net
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
dclk-match.dotomi.com
eb2.3lift.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.3lift.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
im.bluevoox.com
img.3lift.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
m.sendspace.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
s.tribalfusion.com
s.uuidksinc.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
static.criteo.net
t.mdn2015x4.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
udmserve.net
um.simpli.fi
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
t.mdn2015x4.com
udmserve.net
108.138.1.25
13.32.10.16
142.250.185.130
147.75.85.234
162.19.138.116
162.19.138.120
178.250.0.157
18.66.112.121
18.66.122.67
18.66.97.8
185.196.197.130
185.255.84.150
2001:4860:4802:32::36
23.216.240.90
23.35.236.188
2600:9000:2250:1a00:a:e047:752:b361
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:4400::ac40:99f6
2606:4700::6812:18ad
2606:4700:e2::ac40:8d24
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:16::1400
2a04:4e42:600::485
2a05:d018:d29:3605:1260:9dcc:1d0e:53e1
34.102.146.192
34.120.107.143
34.149.20.76
34.96.70.87
35.190.39.111
35.204.74.118
35.244.159.8
37.157.2.234
37.252.171.149
52.18.27.55
52.45.175.185
52.57.32.9
52.6.125.14
67.202.105.21
76.223.111.18
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
0a6c2996c061d31ecf01e0e40586527e21337673711c268a70ff7c321091b88e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cfd2edf65a6be6e2d38dbdc951f4c3e7505bdd452c9e97fffd3578a7d5fe194
0f45cd14f25d50c12de4778b7d8ca1b3adfe84d92ed64469923be57dbbe61746
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
147bcdecee9aa09ceeb32409769c2c10015ba5f359255d712c6f31519bcc04e9
163083fccf9df8ed6f6d4662b11dace033c05eb5b346f7639c21999cefa1f220
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1926f7ddf5421a6be1a8a54671bf7527d8b924aa0a6c7575276a11abddf37be4
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f0bc0508dc66e79a112d2c1e561589c8dab4bf3fbc2052fa0e668a7a483d8f4
2345f606a54cf0b128ebe3c9d282c9a8b5cc2986b94f7b80a6b4ed7589fdf280
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
24011bdce04002f4dfddeb07f582d00600aa5a407b2b4b20ff5623407511ea20
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b17b43134d02ba194004ebb6dc63c940a749730f01f7e34677e513dfe8e2ff7
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30e9254ced53254a591890aef6cfa52bd0abdbebad35b349e33c6bf4eb957a79
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
379cbaf900ff4ea2a20025201f3fc892f368b5655d34e17fe0810572007176ff
398d92810681f544ac0f9f02fa035aadf870ed92721757305142b9b0fa9074eb
39d3553db08c4222b4f4c37f89c9509f3c8886a8b39fa47d0ecf7497740c719d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
41a3f461b1ba3e5a59c01d73346eecc72c1928961e0925567576e13b7f293b1e
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dba6161b974d3d24ea65896aa4708a2ac534e8fda585495353bdfd9800a276a
4dca83fa98ef86edc7e8ab6d58ceb3a32bcbee7cbf580159de92e03549a6f0c7
517ed4cec5d25135b0cbd7e404d3c2e42fedb12473d7a9067c5d6075c51dec7a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b00c7fcc7bd867c25b1e2444f5fdbe290aa238a32fc5e72d4b34b99435783e7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6681b09b65ce020ff3347214c1b18bcc22bef28d456246d9aedbcabcecc39d2e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b3899f1618a87ea8d58b208d8e1176777e585f5f2d28fb5fd65dda7c6f6f6e0
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7fe6ba404e732f03aad5d04a13232066a09edf31c70804c9f7b4f17f9b8c0efa
82186d07a0195f052038974d6c440b7939559c59db3fd3b48e27f64b2515be1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a7ef0eb5bc06e9a89adfc01947c0d11b7181798723dde655439c42e5a624b3
84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c9e62f5b31610337f723af8acb26c8222fda793fc09fad9a59db68560e90c7d
8d39d8c07c66cc67e307318a80da7b3c45f7073a2e1d7e01bfb05c9256a5240d
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
9819257202253aa7b13741dc171e0c1e51fef7933e18ce12ef32053e5eb604a2
983a9c58c70bfe5b468eac64d886af4a25b216f492798df7627481c40ab5551b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ec67255454c1dc79e82a676cd9fe3896d52f6af54a73778a97af6b22c794643
a1595af6ee22da3ba266e7d0cc06e6e185c8325aebe766ac93de9559e737a046
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a82a26a74556f094b346f81021fc3dd05909811b43f05d747e22cb9fcbb80e24
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae15044f19a38c83bbb91a1ed720743259c504e633ff0bb946ab48e2138e0324
af8cd1cb4e1060d144a844f6d0b12b0887c5ebb2e521c9f2aaa7fefc7254d8b4
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c
bb17bc0ca2c7e4903985b4f71c74b22fda9055f7a01383b4a23da6a80fdd02f2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbb2a1221add0b610c5b8a7ebfbab5e245010d6101db4e5aa09e0ed424ec800
bf150ea0003cf546a091f1422f008a0fd7fff0eac49cbdac1e317ab79fab462e
c06b530aa6007baddab45e19ea7239b7295009dc7b59004bbf89e0e030d0db4b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c60ab5aac1bfa933bbc662985aaf45926424b1c50591d756ad97452686d99216
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c837d90608e82ec170f17069094229592019eb31e3e233cff8f11070e29804d0
c9ac13bac7ab829224e6232b3ce729cdee42f28576b7482780e954ba99bd9092
cd0be341224434803749c52a49deb6e0492cef6548b8557f6590eb95d5486a23
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
d8093bc864b547fad1afbdedfdcc501d79e5e989e24b37c5fe7e5701be4019b3
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e33818ec56bd78b240e57478b0b81c9c8c22f96e32fc9614122f4a504f3cbec0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
eeafa1744f02c6d3e311a4c2d0372b711b79b9b66fc66aa027b496b8d1a235c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9690de909a98fc7907986b82315f554167943448572f4a29473a84ee004bfd2
fc067ccfac437c3de8779c2482a6e041398623a58e4307faf9c8f10d2e7a54af

m.sendspace.com Open in urlscan Pro 2606:4700:e2::ac40:8d24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

90 %HTTPS

51 %IPv6

43 Domains

63 Subdomains

55 IPs

7 Countries

1430 kBTransfer

4067 kBSize

26 Cookies

1 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.sendspace.com Open in urlscan Pro
2606:4700:e2::ac40:8d24 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

90 %
HTTPS

51 %
IPv6

43
Domains

63
Subdomains

55
IPs

7
Countries

1430 kB
Transfer

4067 kB
Size

26
Cookies

154 HTTP transactions
2 data transactions