urlscan.io logo urlscan.io
SecurityTrails logo

www.docspal.com Open in urlscan Pro
144.76.109.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.docspal.com/viewer?id=-
Effective URL: https://www.docspal.com/viewer?id=-
Submission: On September 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 82 HTTP transactions. The main IP is 144.76.109.82, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.docspal.com.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time www.docspal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    144.76.109.82 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.82.109.76.144.clients.your-server.de
www.docspal.com
2    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
ajax.googleapis.com
16    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pagead2.googlesyndication.com
ade.googlesyndication.com
2    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
1    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
2    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
adservice.google.com
cm.g.doubleclick.net
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googletagservices.com
6    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
5    142.250.81.195 (United States)

ASN15169 (GOOGLE, US)
PTR: iad30s43-in-f3.1e100.net
csi.gstatic.com
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
gcdn.2mdn.net
7    173.194.182.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s33-in-f10.1e100.net
r5---sn-4g5e6nss.c.2mdn.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
3    104.105.231.167 (Atlanta, United States)

ASN6453 (AS6453, US)
PTR: a104-105-231-167.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
Domain Requested by
17 www.docspal.com 1 redirects www.docspal.com
12 pagead2.googlesyndication.com www.docspal.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 r5---sn-4g5e6nss.c.2mdn.net imasdk.googleapis.com
6 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 csi.gstatic.com imasdk.googleapis.com
4 ade.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 dsum-sec.casalemedia.com 2 redirects
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.docspal.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com www.docspal.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.docspal.com
googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 syndication.twitter.com platform.twitter.com
1 platform.twitter.com www.docspal.com
1 www.facebook.com www.docspal.com
1 ajax.googleapis.com www.docspal.com
82 26

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
www.docspal.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-03 -
2021-10-01		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-09-14 -
2021-11-23		 2 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.docspal.com/viewer?id=-
Frame ID: ABA9C4B9F54CBF9EE7C1D1A5F5ACB885
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.docspal.com&locale=en_US&layout=button_count&show_faces=false&share=true&action=like&height=21&width=150
Frame ID: 145087DBC7E349463F121C838C2D45BF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.html?_=1284635400577&count=horizontal&lang=en&text=Online%20File%20Viewer%20-%20DocsPal&url=http://www.docspal.com&via=docspal_com
Frame ID: A1AA1699DB944BC0A1F1682C0A29ECC8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html
Frame ID: 0340C69DF7642BC7FF4BE49A3B0061A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Frame ID: 7CE0C87854854980E5E5BDA8A8669EF5
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=2922153032&adk=3945733995&adf=911721441&pi=t.ma~as.2922153032&w=1140&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459490&bpp=1&bdt=236&idt=136&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280&correlator=4403220150140&frm=20&pv=1&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Suh600GO5l&p=https%3A//www.docspal.com&dtd=138
Frame ID: EBC0D6C126461AC881A65A4F42BB4D8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&adk=1812271804&adf=3025194257&lmt=1632342459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459502&bpp=1&bdt=248&idt=128&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280%2C1140x280&nras=1&correlator=4403220150140&frm=20&pv=1&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=132
Frame ID: 0306A423E5BE40494EF6E1F0D47ED847
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0F9AE953B163EBFA3E3C821E24DCAF90
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1F7E17EBEC07A9A216FA2EE9EA7935E2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE472DEC0D1145E3365CA30FC0719ED1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online File Viewer - DocsPal

Page URL History Show full URLs

  1. http://www.docspal.com/viewer?id=- HTTP 301
    https://www.docspal.com/viewer?id=- Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

82
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

26
Subdomains

23
IPs

4
Countries

2995 kB
Transfer

3866 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.docspal.com/viewer?id=- HTTP 301
    https://www.docspal.com/viewer?id=- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://gcdn.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/BBF3CAFB7729112080BC18E89664D9F5FCDE399E.A83257EF5D9EC97A95CF0825B2447EE720E703CA/key/ck2/file/file.webm HTTP 302
  • https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm
Request Chain 62
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPcmAIQiZnizAIYhryRtAEgATAB&v=APEucNUGBDroGdShVO5hsIpsxVbHwXWag4ur9kF1qUUFXRmGmojia42xIAAwc191oC_LVUgnB9cj_anB6giWPQ7jiCERO3RW2w HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUuRveF3CTIlzSa3WTbKXAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set viewer
www.docspal.com/
Redirect Chain
  • http://www.docspal.com/viewer?id=-
  • https://www.docspal.com/viewer?id=-
59 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b77cec4c2fad9815a183f71a57c725a745bf1065e4773e0b6941996e0e65d971

Request headers

Host
www.docspal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Server
Apache
Set-Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Server
Apache
Location
https://www.docspal.com/viewer?id=-
Content-Length
243
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
jquery-ui-1.10.2.custom.css
www.docspal.com/js/themeroller/css/ui-docspal/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/themeroller/css/ui-docspal/jquery-ui-1.10.2.custom.css?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
3819d0f413bafa599b42d39cb7aeb3f8eadd40c96f606e1b97ebf46d63e20e0a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Fri, 17 May 2013 02:32:22 GMT
Server
Apache
ETag
"7cc9-4dce0caea9980"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
31945
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
b9ab2d75248033446778c77da217ca3adf84dae7f08c3e5052c9df814ae8f2db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 20:27:39 GMT
server
ESF
date
Wed, 22 Sep 2021 20:27:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 20:27:39 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
842880
cdn-cachedat
2021-06-08 19:04:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5be60cad80d1eecc9ac7a67f88ee3f89
cf-ray
692e46729f8f1f4d-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
layout.css
www.docspal.com/css/ 		44 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/css/layout.css?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
aa461af97f5d18a6985883f19b84893bc978d480bb937dfdf24bb9510a48a552

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Mon, 08 Jul 2019 16:14:41 GMT
Server
Apache
ETag
"b1fe-58d2dbdd82d4a"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
45566
forms.css
www.docspal.com/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/css/forms.css?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
035bf4204feef95575a2bb2f1dece253a6d43841fe3fe83db3df45be4858264b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Wed, 21 Mar 2018 13:39:08 GMT
Server
Apache
ETag
"145d-567ec50bc1700"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5213
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 22 Sep 2022 20:05:06 GMT
common.js
www.docspal.com/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/common.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
6e8a0725ff32b36f48465864ada4d77813d5ff814e7746120bacf18cde1004ed

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Tue, 20 Mar 2018 08:35:18 GMT
Server
Apache
ETag
"2ad7-567d3f44cfd80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10967
jquery-ui-1.10.2.custom.min.js
www.docspal.com/js/themeroller/js/ 		223 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/themeroller/js/jquery-ui-1.10.2.custom.min.js
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
052ad869a53a63a4dcc5cc365055adfd5f212ddf3c7953d8dd456b35047d3a53

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Fri, 17 May 2013 02:32:22 GMT
Server
Apache
ETag
"37ade-4dce0caea9980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
228062
forms.js
www.docspal.com/js/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/forms.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
01520616156712ea999b19c7d0627acb4852e46824996cbaf918840edd9db9f3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Fri, 17 May 2013 02:32:22 GMT
Server
Apache
ETag
"6e75-4dce0caea9980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
28277
forms-specific.js
www.docspal.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/forms-specific.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
ae6432a9076b57e826d1f5e28f76b5fbc266596d3a72f5273c7c7faf734f65c1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Fri, 17 May 2013 02:32:22 GMT
Server
Apache
ETag
"770-4dce0caea9980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1904
jquery.iframe-transport.js
www.docspal.com/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/jquery.iframe-transport.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
0ddd3dc005842bd02b0bba0fa65951f4b64714504c887af0dfcbd97f390325c4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Fri, 17 May 2013 02:32:22 GMT
Server
Apache
ETag
"22c6-4dce0caea9980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8902
fakeselect.js
www.docspal.com/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/fakeselect.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
ccb897af71295a7de9bb04c4cd48d51246b422478a8b018a4905a2df84d5cf4e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Thu, 06 Apr 2017 11:21:22 GMT
Server
Apache
ETag
"c69-54c7db56d1080"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3177
scrollbar.js
www.docspal.com/js/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/scrollbar.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
7f1551f90ab3ca65e29db51c05ec8bcb16750deb40ace91e62573dadb9eac7eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Thu, 06 Apr 2017 11:21:22 GMT
Server
Apache
ETag
"7dab-54c7db56d1080"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
32171
modal.js
www.docspal.com/js/bootstrap/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/bootstrap/modal.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
56f000a686b26e0539d95f395600fa5f80b33005f6f916d9311115d1aa39a946

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Tue, 20 Mar 2018 08:35:18 GMT
Server
Apache
ETag
"1763-567d3f44cfd80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5987
viewDoc.js
www.docspal.com/js/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/viewDoc.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
59ea86b053315ede37d19a6d7a9513ca811a58e3c575ed2ba56db0e04c12df27

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Tue, 18 Apr 2017 19:20:50 GMT
Server
Apache
ETag
"6956-54d75ce3a6880"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26966
viewer.js
www.docspal.com/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.docspal.com/js/viewer.js?v=25
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
c1583efa5fa6a65efc68a7e708f23ed1256e946869c83470f03dffb53d10b2ee

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Mon, 24 Jun 2019 16:29:35 GMT
Server
Apache
ETag
"4702-58c14515ecea2"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
18178
logo_bigger.png
www.docspal.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.docspal.com/images/logo_bigger.png
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b43a0d3b5d5c67aae170079548f9e1ba854cf36ce2c9504bf9c26dbd36e3f30b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Fri, 14 Apr 2017 18:50:06 GMT
Server
Apache
ETag
"bf1-54d24e8f3b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3057
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9b23fc7b74a8dace47d13aa1bd952aabd7caae7481f6f922144d837fa7f2b5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49166
x-xss-protection
0
server
cafe
etag
17989404999495141064
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Sep 2021 20:27:39 GMT
google-play.png
www.docspal.com/images/badges/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.docspal.com/images/badges/google-play.png
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.109.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.82.109.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5c844391859be030b8cd4c8b279324c07ed6d91c5b51f4370bf8b0f344716215

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.docspal.com/viewer?id=-
Cookie
PHPSESSID=pl3vocom74hoeipgal857dogi0
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/viewer?id=-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:39 GMT
Last-Modified
Mon, 11 Feb 2019 14:49:12 GMT
Server
Apache
ETag
"ee4-5819f697a9fba"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3812
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5739
date
Wed, 22 Sep 2021 18:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 20:52:00 GMT
like.php
www.facebook.com/plugins/ Frame 1450 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.docspal.com&locale=en_US&layout=button_count&show_faces=false&share=true&action=like&height=21&width=150
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=http%3A%2F%2Fwww.docspal.com&locale=en_US&layout=button_count&show_faces=false&share=true&action=like&height=21&width=150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
zO7WKj3tOd59W4QJkO9NXlFXIFDSpEugOgXvfN0eK4pTpKOF5Sh7j4VAa8GdkwBqZ9oP/3AppIClNxSkhp+qEQ==
content-length
0
date
Wed, 22 Sep 2021 20:27:39 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
tweet_button.html
platform.twitter.com/widgets/ Frame A1AA 		58 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.html?_=1284635400577&count=horizontal&lang=en&text=Online%20File%20Viewer%20-%20DocsPal&url=http://www.docspal.com&via=docspal_com
Requested by
Host: www.docspal.com
URL: https://www.docspal.com/viewer?id=-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
860bc56b818d4bd8e3117b9eff3425620598132f9e30c86f0e1b55d96177cd19

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.docspal.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
92
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Sep 2021 20:27:39 GMT
Etag
"6f3d35a164a3ebaf021ec4308b57f8b4+gzip"
Last-Modified
Mon, 02 Aug 2021 20:35:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
19265
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v25/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v25/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:57 GMT
x-content-type-options
nosniff
age
14142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:57 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v25/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:34:46 GMT
x-content-type-options
nosniff
age
13973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:34:46 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://www.docspal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
9286518
cdn-cachedat
2021-06-07 10:44:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66624
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
95a9ea83257c06f0c3dca93a6b074985
accept-ranges
bytes
cf-ray
692e467379715c44-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
truncated
/ Frame A1AA 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot
syndication.twitter.com/i/ Frame A1AA 		43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22language%22%3A%22en%22%2C%22message%22%3A%22m%3A%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.docspal.com%2F%22%2C%22widget_frame%22%3A%7B%22ancestorOrigins%22%3A%7B%220%22%3A%22https%3A%2F%2Fwww.docspal.com%22%7D%2C%22href%22%3A%22https%3A%2F%2Fplatform.twitter.com%2Fwidgets%2Ftweet_button.html%3F_%3D1284635400577%26count%3Dhorizontal%26lang%3Den%26text%3DOnline%2520File%2520Viewer%2520-%2520DocsPal%26url%3Dhttp%3A%2F%2Fwww.docspal.com%26via%3Ddocspal_com%22%2C%22origin%22%3A%22https%3A%2F%2Fplatform.twitter.com%22%2C%22protocol%22%3A%22https%3A%22%2C%22host%22%3A%22platform.twitter.com%22%2C%22hostname%22%3A%22platform.twitter.com%22%2C%22port%22%3A%22%22%2C%22pathname%22%3A%22%2Fwidgets%2Ftweet_button.html%22%2C%22search%22%3A%22%3F_%3D1284635400577%26count%3Dhorizontal%26lang%3Den%26text%3DOnline%2520File%2520Viewer%2520-%2520DocsPal%26url%3Dhttp%3A%2F%2Fwww.docspal.com%26via%3Ddocspal_com%22%2C%22hash%22%3A%22%22%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1632342459463%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/tweet_button.html?_=1284635400577&count=horizontal&lang=en&text=Online%20File%20Viewer%20-%20DocsPal&url=http://www.docspal.com&via=docspal_com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 22 Sep 2021 20:27:39 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
165c48ee58c8551a0cc453319503c22a27a4ca1b739e0b093403645185b77cc1
x-transaction
eaf4d4b75ba2e87d
expires
Tue, 31 Mar 1981 05:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
64d2575d82b06557bac4a30aa5e21371b6b3a0a2537c7512811c44737690a378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95704
x-xss-protection
0
server
cafe
etag
6751367592089609831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Sep 2021 20:27:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/ Frame 0340 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210921/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Sep 2021 20:10:15 GMT
expires
Wed, 06 Oct 2021 20:10:15 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
1044
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=660013125&t=pageview&_s=1&dl=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&ul=en-us&de=UTF-8&dt=Online%20File%20Viewer%20-%20DocsPal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1596520256&gjid=337523673&cid=1373469401.1632342460&tid=UA-11724781-1&_gid=1415384109.1632342460&_r=1&_slc=1&z=127395114
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.docspal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.docspal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-11724781-1&cid=1373469401.1632342460&jid=1596520256&gjid=337523673&_gid=1415384109.1632342460&_u=IEBAAEAAAAAAAC~&z=1424525119
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.docspal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 20:27:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.docspal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.docspal.com&callback=_gfp_s_&client=ca-pub-4935391381679681
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ba84976b6d62b2086724bda5b09247d7566b524a5da5f8f82152e17bf175bae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.docspal.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7CE0 		61 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4844ef54264e1ca5bda4454e54f1a9ad0669087b157a8551c32b6b6f6a2451b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 22 Sep 2021 20:27:40 GMT
server
cafe
content-length
17836
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 22-Sep-2021 20:42:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 22 Sep 2021 20:27:40 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632137829538267"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 22 Sep 2021 20:27:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EBC0 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=2922153032&adk=3945733995&adf=911721441&pi=t.ma~as.2922153032&w=1140&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459490&bpp=1&bdt=236&idt=136&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280&correlator=4403220150140&frm=20&pv=1&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Suh600GO5l&p=https%3A//www.docspal.com&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3c1d42c26f8daa9f66333428765f17f2828f1ad52825046afae232a09a43a913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=2922153032&adk=3945733995&adf=911721441&pi=t.ma~as.2922153032&w=1140&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459490&bpp=1&bdt=236&idt=136&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280&correlator=4403220150140&frm=20&pv=1&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=230&ady=850&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Suh600GO5l&p=https%3A//www.docspal.com&dtd=138
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 22 Sep 2021 20:27:40 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 22-Sep-2021 20:42:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 22 Sep 2021 20:27:40 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0306 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&adk=1812271804&adf=3025194257&lmt=1632342459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459502&bpp=1&bdt=248&idt=128&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280%2C1140x280&nras=1&correlator=4403220150140&frm=20&pv=1&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4935391381679681&output=html&adk=1812271804&adf=3025194257&lmt=1632342459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459502&bpp=1&bdt=248&idt=128&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=600x280%2C1140x280&nras=1&correlator=4403220150140&frm=20&pv=1&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 22 Sep 2021 20:27:39 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 22-Sep-2021 20:42:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 22 Sep 2021 20:27:39 GMT
cache-control
private
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame 7CE0 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Oct 2021 19:44:00 GMT
css
fonts.googleapis.com/ Frame 7CE0 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 19:27:18 GMT
server
ESF
date
Wed, 22 Sep 2021 20:27:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 20:27:40 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame 7CE0 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 11:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 11:30:46 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame 7CE0 		357 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 11:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126725
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 11:30:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 7CE0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Oct 2021 19:43:39 GMT
csi
csi.gstatic.com/ Frame 7CE0 		0
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ktvyjz6q&c=4684295886124&slotId=2342147943062&qqid=CP2R18O1k_MCFbwHBgAd8HAC0w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iad30s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7CE0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
14160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7CE0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
14157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CE0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CXB1eu5FLYb3IKLyPmLAP8OGJmA3XgsyEZbW1srKqDr6sqIKVKRABIPDumANgyQagAbywyrMByAEFqAMByAObBKoE1gFP0FCiqlssi_oh83X_Xc4vdoAxOuQdmDuJr3iR-njp3Eezr9hu4fAGtJgS4u9T41lMR64aBX6zqwjkmBQ3Z9AP13nti4BHh8Xit8Ml8oo-wh2e9hj-DvgLsZSfGDmheCN_-zGmUrm_5IGozyIlDtyfz-nOznlF0zZ4AQ8gjnqikQCL99daDn7XDEhvYDXJ16CbUCkEqfC7rqPUyLh0jGv3hXvZUze9ONPjGC0hMNuAjzPPfHPv1JOChnq9zPvnZBmFcQIFg7rvZVWZ97MXmxJpJPxytVj3wATFnoW80gPgBAOQBgGgBnaAB6zPtcwCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoByAsB4AsBgAwBsBOIgM0MyBP3_4neA9ATANgTCogU5gPYFAHQFQGAFwE&eventType=clickstring&clientTime=1632342460137&ai=CXB1eu5FLYb3IKLyPmLAP8OGJmA3XgsyEZbW1srKqDr6sqIKVKRABIPDumANgyQagAbywyrMByAEFqAMByAObBKoE1gFP0FCiqlssi_oh83X_Xc4vdoAxOuQdmDuJr3iR-njp3Eezr9hu4fAGtJgS4u9T41lMR64aBX6zqwjkmBQ3Z9AP13nti4BHh8Xit8Ml8oo-wh2e9hj-DvgLsZSfGDmheCN_-zGmUrm_5IGozyIlDtyfz-nOznlF0zZ4AQ8gjnqikQCL99daDn7XDEhvYDXJ16CbUCkEqfC7rqPUyLh0jGv3hXvZUze9ONPjGC0hMNuAjzPPfHPv1JOChnq9zPvnZBmFcQIFg7rvZVWZ97MXmxJpJPxytVj3wATFnoW80gPgBAOQBgGgBnaAB6zPtcwCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoByAsB4AsBgAwBsBOIgM0MyBP3_4neA9ATANgTCogU5gPYFAHQFQGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 7CE0 		27 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BTKAfBQXxjY3SkUuwoprVr7VHQ2yzo4d8V0-x4K-vIYj6prq0mvtpsPulCqP7Ay7sgXJ5OnE5wPNVPxy5xoYmpd4xSxw&cry=1&dbm_d=AKAmf-BfeZ7Dzbp2ELa0jd3XW08_WDPBPi-uk8P_FfiWsFweHfxVXbi_lkuBlqRTW0gLRCwBiWiIX1uhsmSki2b6coydp61TNn05gYb7_AMGjq1mnwx7UQgVL88Ogfyyyl1ruTRCjLOMbO4Jbw6x1016MSQYEeT_1xOiwVzvVx-yJE06pLbt2CEp_DjtmLLoeRK2JY7_RJ_AQjoexWHzAURLEVq_VuEJXKy5xbNYRy7K3jIG93RdK3sqLQCL2jcU225bvEFFBdafQy4Y5hg-vY4FlRIA3LNTUEMj7mMfiWXLPJBqN_DflSBi3PRnoxsVs6wZ8QvD1Is69JFz6DQdekgCvFPoRRuRwf_AW2iJsU-ADL_bX8g4bU0vSfQvL6eTQTlvfE9fePNMrK-iG8-qpkqEutlQKCuZrDRydK4rZ28lQi84J3c7AgnKiLh3cb1b8avJ8-JGy1d9RopOvxE11eTSh02eGnWmg_0CWsja1fSzNU_B6J0jpNf6NtJSTy6FYjOlOopzlMtPH4DWDsoi9WADZmpmQfk5sgih9R64MEJ-WEZ_f8aUmZ7ix0JwyOgklrrhpQMeYpO6MRhiJhWUNw338lZEklBx84oLrJ0W5IQLks1xYoT6t39ZZxCILaqy8XrB7zZSnndWkw9lEo4tlX_pBGv_u1XY42oFkJtcofrlvyNGegU5VrzHjhATP2a662UFWRzcGqdVjBepx7UxKvfuqVzBkVOmg4ayVAiboy1k39GlKX2edezeAo04k_ZpDmRgBW1XrYgn6uQBYSDwyk53Y5Glz7J5M9rLy6nF3l-jva73UpSH35w4NWSeAUNIO_SLxG1TUUYIN1-fGLYgVwXc4eE39Qn_6XglsTvN6-SeWlguf_4J3BiPUeOvGDsS4D1w4Nq2zLiPC2RagyXHqURUJNFiSTMkatauWOcu5VfGjMKwAkJSucf1RiyvQ0WeA-ayD3QaNBFpg3tdVQJYqh_sK8OAm8rbDHGC5gpOWHrLpHRUc_QKDclcpSANBKn8JDvKloyCwCxOlwt-aNupsQ8Oobtif2sBO5hHayHibBrXuO-_zTsv0xWqKTdU46k27KESqPgCEwEt7XgENvLe71jgqMtgwlHHWmmCB2y90I5vquljB6BtCOhvlwxAepJGqHgB2jeel9CFNcZs904kN4lPGHcXDB0Y1HCDnmNxRc4GZHE7Kv2vTmmGGpyPDmE808hk2fzwxE2esmmvzdyxgNOmFmtD0mOR-ugcg0348KndV-y_my4amrrh0KXAsGiY0_QS1aCNKJVshfv_EQgy9HtB1qfc5d6yViyMX_VDYbiDs_13njmrpSWBXKjVgpkE5UiP0Rx8gG7uNmF5gi-O6873rTdDpd9uDZ6kBMxlzxV88fOfx9TyRiK74KrrUAPyFocsYW5Izo2jO1uwSjI4F3sl_ZnXDmHRgEhcNu4rQEMFOUGsl0OfgCnWjvgyXxEuwKO8Mh2CoCRmnT4fiO1NLmtuUVUtqwP8RKDhG_BpIizWxbC7dRYBuJFCCoLWlkK6cRKqJf7ugeuUSP3pwppAMdV-fNZe0W4xLv45TNoWfubDvKqAW6zWKoqPpV4NjsToRfNO11rKzvXAnaS6Ms6HmPzdopmknlsDkqwRu4er3y1xf72mnSzaCfHuxJ4URcktZ2LoxG2D4TkL53yLqN38q_JZVsICLlX3a_7bAyM8HAHKmn_Sf0r0Civakesf-L0v9OA06FUxE2OGFzsNVljhujZNpHCqxKg3lczY3ePDdpTB6L6C055xEw6bcEBeiK5zyi6pUsM3vg--VowtnF6-ZbDoRUzvAwJ6kTJea9J24YDVS07w655OOkjWuvJlxMJCC3VWss_nHguagH5JlrhBXyvC79tYTssqfHrspB4lA32nx9JgszaQ8w3QwiuV2fLfr-jJ3MtQsOf7olD9gKtDaDAH4eBmQNqQqucoybBgAcNGPBpxQqhkipzxxRAJBRK95GvbHRMlEL9MtPDZrI-ie3ZIqfsxyX1TIKSVY0W7nxvFM_cWeczWEc4wKEJGmYs9X7RJURWEigiG5VOREpUGB-fR7xfbFrczPvTcONyEwl1EG_4v2XzH2Y1E631tM9vUkIwhCANUO-kEtjjDDCF8pWB16tTl9GYqVuCNXJqw3Apz189rLXx3r4iLGOCgcMo2TNPshUBOt51Li0nYZZvyniIvM9nePOWXPs1Yy47HwGhxtHhN10wyFyzhmmpzLy6YeJabfHMgOqbhcN7Jit3fm18dGvay94p54w6WhMN9YoYXQXay3Lr_JSkR2niT-FMkihukb2CDkJtHHd55jFEqzqQTroWMLeINNRuj-ngn3N7RwaFNfCrXVr9sjSv7gvVHGwZXquJhWpwNmDDfzQuIq1ZpIKC0QsOIxux0U5pthjI2ZVLXpfzeYh2Rt1cgW1aO2pm3ToNoYPo2UdNOjI0ctmTnQ9PB-GOiFzR7jZaXmSHxBA4rVF-N9gzqKjZG2e6e8OtfAqaiatSEd2saga4x2fU5sxXgxXio64rZ0vewx8hpuwMPvKa7VZ0i-uIglPIY88s-zyy96o7c4BziQE-Csb5bhjufO0Z4-s7TRmD_0fQZkBc8lfVmSYTGsz-dKkH2LtN6RXQ8N6kYhxG9xzxnY57OwLincqg5Mb2EeSj1U7c6-JgCOxBaB05NTDq4kO8oCyvUHa4Lkbiia3e0A8Wuhh_yEkZ2ZxATfRsw1zM7am_PA3YPUsdHWYULIjsJ242uWGFxS9iSw4YtMUKdRp3uQYSVd2CKLlnixff8U4EbT1QRMiA_6e-r90CtXCtR7uJQxr4dqDnwtlgRVPRNBPMOVUYgUcVY6deCHC_Y5RFmdPvaLW4t39pCUS31zh1IfvojTy1XCcmnt0m8pKytxhHbB0mNxD47dearxU-5url2O1LBl_DcoluU7buP4niY5FqvigXcEntcVOtWoC6aDp-gMf6JiLAngu4gxKtQ4B4s2-Af-HxhcPhUlvEcd44SXQdOJofqNzw5rfiYNAnLvxUwooq77mvBszFWlQ&cid=CAASBORou14&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
cafe /
Resource Hash
0d7714542fde3ce30719d98ee4ad8371f59667f4b4de4f78d67e8c4b2b2b60d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13620
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7CE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cazvfu5FLYb3IKLyPmLAP8OGJmA3XgsyEZbW1srKqDr6sqIKVKRABIPDumANgyQagAbywyrMByAEFqAMByAObBKoE0wFP0FCiqlssi_oh83X_Xc4vdoAxOuQdmDuJr3iR-njp3Eezr9hu4fAGtJgS4u9T41lMR64aBX6zqwjkmBQ3Z9AP13nti4BHh8Xit8Ml8oo-wh2e9hj-DvgLsZSfGDmheCN_-zGmUrm_5IGozyIlDtyfz-nOznlF0zZ4AQ8gjnqikQCL99daDn7XDEhvYDXJ16CbUCkEqfC7rqPUyLh0jGv3hXvZUze9ONPjGC0hMNuAjzPPfHPv1JPah-BIX2mH9rEo9DinBtE-2nxJSLbEPym6qJRowATFnoW80gPgBAOIBb6PgJY2kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAesz7XMAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwoQgdQNGIa8kbQB0ggHCIBhEAEYH4AKAcgLAbATiIDNDMgT9_-J3gPQEwDYEwqIFOYD2BQB0BUBgBcBshccChoIABIUcHViLTQ5MzUzOTEzODE2Nzk2ODEYAA&sigh=wnubZ1IH0UM&cid=CAQSGwCNIrLMYyMRhyRNJRGCVcHER7f7YcX7N95A7Q&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 22 Sep 2021 20:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 22 Sep 2021 20:27:40 GMT
truncated
/ Frame 7CE0 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6df7783f565f2d27764356cc70fdbac55188ccd734e2d98a908ea209f3c0914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ee7591147d6d564a0bdc683fa1d63f03d8dbb45b6f7a8aaf45f2abd97fa4cba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 22 Sep 2021 20:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8559
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 7CE0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 07:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 19 Sep 2022 07:23:42 GMT
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 20:27:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1901923
Last-Modified
Fri, 10 Sep 2021 14:49:47 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 22 Sep 2021 20:27:40 GMT

Redirect headers

date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
645
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7CE0 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ktvyjz6z&c=4684295886124&slotId=2342147943062&qqid=CP2R18O1k_MCFbwHBgAd8HAC0w&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=832&mt=video%2Fwebm&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=43&vsrc=web_video_ads&ple=1&ape=1&met.4=videopreviewvisible.ha
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iad30s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 22 Sep 2021 20:27:40 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0F9A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Wed, 22 Sep 2021 09:07:14 GMT
expires
Thu, 22 Sep 2022 09:07:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
40826
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
pagead2.googlesyndication.com/bg/ Frame 0F9A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
88802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 21 Sep 2022 19:47:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F9A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BzaNpvJFLYe_WC8m1-wamiK_wDwAAAAA4AeAEAg&bg=!sbKlsvbNAAZNQyuQTUM7ACkAdvg8WssmEbvrBr_gMSFz7dLO_wMB5cNZg3bmuBYBxkZMch7D4rqHmQIAAABKUgAAAAtoAQcKANkkk6QG2NMlJ8HSDFAiHnx6jdHXW5wlOKAyKp_Hm0XFq3FmmPjf5OaQDnJRGL9ysa2wrxg4Y4oMD73v8tGgtA_BdF13qk70HPQc6EE_bdInFh_fnip_A8N6WQ-5HG41umvISHHbjUltfL8Jo-ruleuxrlJXbXXmXnEC7M_XgS1MqC7ytq_5Ru3SBUzgRDR9j-vkhHvqk1BhFRVy2bSYZreqLTEu_Q5vnt2WKn8i4VtffHrlVfZZCRoAuxbtc_maRt8G9hE2DppupjbWifW0490GIOXEgnFu8bqMmQKzeIrVsNTN3R0XnWQWwlHVyk4fy7NdEghH8z2t8t0i4pTaHR3i7z_49jSrG-LQ5w3p5ZnlK0IaTQjoBaa8VXABU9lYRDXc2ZXm4tfsLPycIg2vLW1_OWzE3yAdudKMbA0dATQwO7WcuWezrmGa_uDZNbd1UHAG2qGorCIbYm9C6pfcxZG4xJ8BWE5syTiejtJY8LC5vg4_dZVxeBUv7kM2WwB-vvCrrHSsWSY-v07IUrr__Jsp9Pkk_ubdLbexns0M7wSzGbOJZ_A-zGWS0KhWnSPQnueWYqmmmnvBHvtwuUDjKN_aJgA7ch9FWmhKDAh4ehEhDLbOyCUvAudWac9vGEEzoXo-AUf54FXjdTRo2paw_gquASx2RIyNUcTmsfsQaXYOGVjkAXhltZHx_BjHKJFR1tI4h84kseUKxasAc1Gc5d3GAIZ1TAolmx2g9Nh_NpE7N4s96Y7EKhJQoPHt0BZ_djcte5-xR0_7EmBh-ed5qI0PaPgMSVDw8WmMmN1XTLqm-kzuJ6UBre6fSICNHHIizjTjQXt0Qkl8SyUJJEJ09kQjGsxP3naktEVwHCSdjlcDaV4M-8TqnL5vTcx8fCKj7k2ufn-fIzaL_V_imawR9QRR9UyYXhY-MhTn3lI7W5EmJazCdTjR8yvkQ9Q90xgT4_Xz_DWjZwVyGHHc63z30Z51hj0H3oO9hc-TRq0k_nFxNLGF_6bLlRtNS4jf7astciGpOEtINGeUSIu5yGhloFBOKtQI52qzYuFG_V_3yruaAAiVsptybptqsEChK4GiYYadZFXKDSVpdeh00YijIKBlnzLOXW5YPM7QAzkMhPzE3gUJhubStEIz1wUK1y9pEMzduK7w1eQJJgVHWR_Vn-LAqoKEVY4eKCVVwd-Vj9Hy_rOgA3lk9TcA8HvcTSHz8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7CE0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ktvyjz9s&c=4684295886124&slotId=2342147943062&qqid=CP2R18O1k_MCFbwHBgAd8HAC0w&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=832&mt=video%2Fwebm&vs=640x360&umsem=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F31a0b9674d0e19f3%252Fitag%252F43%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1663878460%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252FBBF3CAFB7729112080BC18E89664D9F5FCDE399E.A83257EF5D9EC97A95CF0825B2447EE720E703CA%252Fkey%252Fck2%252Ffile%252Ffile.webm&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iad30s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0 		342 KB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm?range=0-349999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
5cab2566a63e04f6c2892797d50e6460da4e5237916d7bdc5bb0a9fdf39ef6aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350000
client-protocol
quic
last-modified
Fri, 10 Sep 2021 14:49:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 22 Sep 2021 20:27:40 GMT
dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D0%26na...
ade.googlesyndication.com/ddm/activity/ Frame 7CE0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15025%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632342460504;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7CE0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXB1eu5FLYb3IKLyPmLAP8OGJmA3XgsyEZbW1srKqDr6sqIKVKRABIPDumANgyQagAbywyrMByAEFqAMByAObBKoE1gFP0FCiqlssi_oh83X_Xc4vdoAxOuQdmDuJr3iR-njp3Eezr9hu4fAGtJgS4u9T41lMR64aBX6zqwjkmBQ3Z9AP13nti4BHh8Xit8Ml8oo-wh2e9hj-DvgLsZSfGDmheCN_-zGmUrm_5IGozyIlDtyfz-nOznlF0zZ4AQ8gjnqikQCL99daDn7XDEhvYDXJ16CbUCkEqfC7rqPUyLh0jGv3hXvZUze9ONPjGC0hMNuAjzPPfHPv1JOChnq9zPvnZBmFcQIFg7rvZVWZ97MXmxJpJPxytVj3wATFnoW80gPgBAOQBgGgBnaAB6zPtcwCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoByAsB4AsBgAwBsBOIgM0MyBP3_4neA9ATANgTCogU5gPYFAHQFQGAFwE&sigh=9y9V1lmIq9A&label=part2viewed&ad_mt=5&acvw=sv%3D20210908%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15025%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632342460504
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7CE0 		0
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZs5MkURUaTpgwedF1qbhdr9RgeQxA588Wh5qkbFpezk5u2rt3WefaqWwRML2vT-EPkNyliqJrcXzE8PqwpkpKjhkHAZqTEb6QpEgBjbOmgGXEw27f-ba_xXSdcZzY_w1bEjO4rNxPnXllKMEQiBc_20RUdtU7Mm82j6n3d4YKXBZPXPI2i-zlRgvBfGizNrsr0t3axkpk5iI5ejVQyiPvFpFq0v4AjJd5zxzAGoAvejIAxsM0NO9hUxopMfGndv-mL-GjzhH2Xg1tb9HWgEiJ_mWY0OsCfJQRq4bBj13ncDEAMizlGV_ZckB8gLCuP0xd8NOtuaRMKRd_P7OFsL62-f2FDpEarX1OJCQWnio3sQX0jCxg5DG0UtW6sdQd4OCRKQInrmfCVoZybamGPR40uXiS7nLkS4xWSs13hy1Pc-bZ_MGGOSJ_iM8cXpsuLW-sgWe9nCJEG9WRZ3z8uyLJYsf3P6vg8KFezwrSl1fbW7AlKqzhVrewiW0X7t9RmCbdwfZ5GpBkY0VOaDwKmjIT0_pLSkYoRp-E703FKMwyP2_Zgbz-u67HbhOPHQupXIvVD2BXItU_r2A9kECgrFZDOzIb2yINDTfpgYE7Ff_aq1N-DlioHQ5rbBjQMr1XL-L58txzgjnWoErzi5-VtU_MLvXWk3SG6V4VJXlSPn-v6wqIj23Gtp7NjWDz3VdfE0Ti1BK3lK-A8kaBusIxPFnUOjGjJkpXPQEMyB2on6UGly6dG1c62BKuEjtiuZfRkJObTvvEIVEgyxqN92VuDvkXCOeLbKqASXvVMWWzovHjFJ8uPw-aaWLVlMiPP3gRldVduL3y6mLfDqXAcyBB9VfzbN4HdNeW5iN9MK-hq4b651UhHH8SL4R4dPLSImyR39rvgmtiA0M297Sjp7lS-UR-Yp4pr6I8xLEqwCxrsMKVwM7mJ5zp1vfEn3g5Tz96Q2jJH4zNvOIGPGs79g7Hkn27_bKFxoiLTz-tVirULg6auzYf9bhAyS3215_1_YYCSbTN85c5DXmAYMtmxczMWnHWHgPNWViPeZT1tVSKsx_cU9GcnA&sai=AMfl-YSaXXMhIxW8a-JqfVJK3rHN0G9eZWAsbR-lLfBiB5nyGcR7itMBwS4eDcsHk6gmkWp0SPS2yAh1xNOk-tqBB3oXjzUcmUuS5lsoof6XdVVj0TiKjjhbQE_qUiovfQW2qb9h&sig=Cg0ArKJSzGutO6-sueLpEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 22 Sep 2021 20:27:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 7CE0
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CKPcmAIQiZnizAIYhryRtAEgATAB&v=APEucNUGBDroGdShVO5hsIpsxVbHwXWag4ur9kF1qUUFXRmGmojia42xIAAwc191oC_LVUgnB9cj_anB6giWPQ7jiCERO3RW2w
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUuRveF3CTIlzSa3WTbKXAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.105.231.167 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS
a104-105-231-167.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 20:27:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 22 Sep 2021 20:27:42 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CE0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D15%26n...
ade.googlesyndication.com/ddm/activity/ Frame 7CE0 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15025%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632342460504;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7CE0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB_CBomwI5eFD3jbnnR4rzoumREz2PXP7_yUDVI4RPHW671talTIP7kH-814aGKDeLrzRtvVfd1GvmQWoxnKk0VtyvLFGeWfLE1q9TUwu0VMOSTHs&sai=AMfl-YShFFI7jeWzqR97FAQElk_4AnmKRdmFdDOE71oZz_ymc0yBfdYyRpAvaayUfNsCXJ320qD3cujQcgmV&sig=Cg0ArKJSzBYuhEiTbAJNEAE&cid=CAASBORou14&id=lidarv&acvw=sv%3D20210908%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15025%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632342460504&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7CE0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXB1eu5FLYb3IKLyPmLAP8OGJmA3XgsyEZbW1srKqDr6sqIKVKRABIPDumANgyQagAbywyrMByAEFqAMByAObBKoE1gFP0FCiqlssi_oh83X_Xc4vdoAxOuQdmDuJr3iR-njp3Eezr9hu4fAGtJgS4u9T41lMR64aBX6zqwjkmBQ3Z9AP13nti4BHh8Xit8Ml8oo-wh2e9hj-DvgLsZSfGDmheCN_-zGmUrm_5IGozyIlDtyfz-nOznlF0zZ4AQ8gjnqikQCL99daDn7XDEhvYDXJ16CbUCkEqfC7rqPUyLh0jGv3hXvZUze9ONPjGC0hMNuAjzPPfHPv1JOChnq9zPvnZBmFcQIFg7rvZVWZ97MXmxJpJPxytVj3wATFnoW80gPgBAOQBgGgBnaAB6zPtcwCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoByAsB4AsBgAwBsBOIgM0MyBP3_4neA9ATANgTCogU5gPYFAHQFQGAFwE&sigh=9y9V1lmIq9A&label=vast_creativeview&ad_mt=5&acvw=sv%3D20210908%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15025%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1632342460504
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7CE0 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ktvyjzfi&c=4684295886124&slotId=2342147943062&qqid=CP2R18O1k_MCFbwHBgAd8HAC0w&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=832&mt=video%2Fwebm&vs=640x360&dm=15000&event_name=first_play&asset_bytes=216346&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=msms_oso.n2~lvlcl.ob~videopreviewstarted.p3&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp8%2C%20vorbis%22&msms_cs0=350000&msms_ns=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iad30s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1F7E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 22 Sep 2021 18:21:47 GMT
expires
Thu, 22 Sep 2022 18:21:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CE47 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
92fa18fd6e4818fcce51024696d30ed870a1a34dea13eb99ad95800ea7c58809
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ebZKDUejmjc640hNCcnwNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.docspal.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 22 Sep 2021 20:27:40 GMT
date
Wed, 22 Sep 2021 20:27:40 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ebZKDUejmjc640hNCcnwNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
pagead2.googlesyndication.com/bg/ Frame 1F7E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:47:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
88802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13338
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 21 Sep 2022 19:47:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CE47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210921&jk=1602766978417665&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0 		342 KB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm?range=350000-699999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
40cfc83c7a6482f371590842fdaea7143c4b955cf2d0092e3a1ff27f986593a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350000
client-protocol
quic
last-modified
Fri, 10 Sep 2021 14:49:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 22 Sep 2021 20:27:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210921&jk=1602766978417665&bg=!l5SllNDNAAZNQyuQTUM7ACkAdvg8WpT74itXOAL9SrfUnH-u6p2TzEEiWvvZkO4mDO2W3PbeoQf7ygIAAACEUgAAAAloAQcKAGJcImU1CKdfMiZtJ1mxej7VihGoQAcy7OKeaOG4zL5bP4BI5iSXyan29ICASLM6ClZphCQXggYDhNDxE9M5XYZcOeCYUuUhxmUqx558iXVRMDDr6zgphkryzDXGnVh6LaMI75kCePKFClq5VBoWgZBF7IHf2bfoq9JZrVg9r5nw6dxbbwN-XhIIIkMwe1Dmy9XT2COoq5D4q2OWFuQq9Xcf6A9J475vl94fYrYdbhGs9u8aVcH4Dmv5lStzOoMt1lOCMpl7LswZARtVtCcG3afN_EsB7BSo4zwcBnTII3suAGCixc2mfw26VO3bHnSVFtxl6Gy3jG44G53opuv3gdTB_ZQtdFZcDP1wHLKkUalFvenCv1J9rdgDiV-w8EtZKQFuLtq5iXpkuqErefBdM4pSvcV7DPUS6YCTtgs0HOUuhnrXdB8_9Df39obJhV7RJqHgi6TiOue1N4oXHEfuDxJ3aI5CZmvCWSU1yxoYmodX2PodDTUfA2C4AakyKfimBwOOuV-rXh9B9_FTKR5uBIeMo19lkDQ_pGGbNlSaHA5Bul1TaXgLtui5F1aKrAJZl_NplhxbDp-qgj8oZAFovG9UhrmI8BXABoZtWWZPVj4_GhGu89nrZoX5-m76JObP-ubzwl1RujxVHoGB-kcYe2fKrv1QVCuscsm1UaxnCU1Et2C1JVoHd5Jp_1ORC1T8Pl4NkjuVuJh2Nl-gyF77VEZ_ufdEzkddt1fCRpR_3bQKEG8FDHOdhsPOfm8dtwKtaFBARvRpVpmJTZb-bsYial1lNfwlD51jchSXp-fjzBGlzm0V-LNgFf74vR6Hz535Iy_AIr_BSdhRXdYtwQdSuVKAzjM35df8pXI_oxHXWST73E1CxZBgPrCMntSgFmhTckenSKiZwb1tEddDQXVxDbYYwa4N_ntzdaBm630I_CFgh5ilyr3NcRE4xMTAs9far8EQarW5SKvL71CPa_GR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.docspal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0 		342 KB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm?range=700000-1049999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
40613182624bae7c399c59de3e2415d5d707a89d2574a03b19ca14698590b8a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350000
client-protocol
quic
last-modified
Fri, 10 Sep 2021 14:49:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 22 Sep 2021 20:27:40 GMT
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0 		342 KB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm?range=1050000-1399999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
c2ebbd3ad551ba37ef69ea48e0213a0e39590590a1e47ee405982780cb90b573
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:41 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350000
client-protocol
quic
last-modified
Fri, 10 Sep 2021 14:49:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 22 Sep 2021 20:27:41 GMT
csi
csi.gstatic.com/ Frame 7CE0 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ktvyjzhl&c=4684295886124&slotId=2342147943062&qqid=CP2R18O1k_MCFbwHBgAd8HAC0w&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=832&mt=video%2Fwebm&vs=640x360&dm=15000&met.4=lvlcl.vx~lvlcl.12n~lvlcl.19l
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
iad30s43-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0 		342 KB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm?range=1400000-1749999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
d1198db43a849793aa84ab06d41246b97e223b7addc40d011547a4e363f9798e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:41 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350000
client-protocol
quic
last-modified
Fri, 10 Sep 2021 14:49:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 22 Sep 2021 20:27:41 GMT
file.webm
r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 7CE0 		148 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6nss.c.2mdn.net/videoplayback/id/31a0b9674d0e19f3/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663878460/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/84F477FE642996FC72608C6738EB562B9422A684.043EA0640AA8119665856AD2AA606372ADEEF545/key/cms1/cms_redirect/yes/mh/TL/mip/216.131.114.115/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1632341328/mv/m/mvi/5/pl/24/file/file.webm?range=1750000-2099999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.182.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s33-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
cd63fe9c1d901829f16a9569cc4a8aefde6f3e229271a140ddfbfd8edf3f0c41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:27:41 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151923
client-protocol
quic
last-modified
Fri, 10 Sep 2021 14:49:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 22 Sep 2021 20:27:41 GMT
dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D9%26na...
ade.googlesyndication.com/ddm/activity/ Frame 7CE0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,53,279,547%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2170%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D1%26dur%3D15026%26vmtime%3D2179%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2170%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1632342460504;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7CE0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB_CBomwI5eFD3jbnnR4rzoumREz2PXP7_yUDVI4RPHW671talTIP7kH-814aGKDeLrzRtvVfd1GvmQWoxnKk0VtyvLFGeWfLE1q9TUwu0VMOSTHs&sai=AMfl-YShFFI7jeWzqR97FAQElk_4AnmKRdmFdDOE71oZz_ymc0yBfdYyRpAvaayUfNsCXJ320qD3cujQcgmV&sig=Cg0ArKJSzBYuhEiTbAJNEAE&cid=CAASBORou14&id=lidarv&acvw=sv%3D20210908%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,53,279,547%26tos%3D2001,0,0,0,0%26mtos%3D2001,2001,2001,2001,2001%26amtos%3D0,0,0,0,0%26mcvt%3D2001%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2170%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D1%26dur%3D15026%26vmtime%3D2179%26dtos%3D2001%26dtoss%3D1%26dvs%3D2001%26dfvs%3D2001%26dvpt%3D2170%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2001&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1632342460504
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D1%26na...
ade.googlesyndication.com/ddm/activity/ Frame 7CE0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI76T3w7WT8wIVydreCh0mxAv-EAAYACCLipdLOhoIiZnizAIQxZ6FvNIDGPf_id4DILW1srKqDkITCP2R18O1k_MCFbwHBgAd8HAC0w;dc_rmcid=CAASBORou14;eps=CIBhEAEYHw;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,53,279,547%26tos%3D3772,0,0,0,0%26mtos%3D3772,3772,3772,3772,3772%26amtos%3D0,0,0,0,0%26mcvt%3D3772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3941%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D48%26pst%3D1%26dur%3D15026%26vmtime%3D3953%26dtos%3D1771%26dtoss%3D2%26dvs%3D1771%26dfvs%3D1771%26dvpt%3D1771%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3772,3772,3772,3772,3772%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3772;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1632342460504;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7CE0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CXB1eu5FLYb3IKLyPmLAP8OGJmA3XgsyEZbW1srKqDr6sqIKVKRABIPDumANgyQagAbywyrMByAEFqAMByAObBKoE1gFP0FCiqlssi_oh83X_Xc4vdoAxOuQdmDuJr3iR-njp3Eezr9hu4fAGtJgS4u9T41lMR64aBX6zqwjkmBQ3Z9AP13nti4BHh8Xit8Ml8oo-wh2e9hj-DvgLsZSfGDmheCN_-zGmUrm_5IGozyIlDtyfz-nOznlF0zZ4AQ8gjnqikQCL99daDn7XDEhvYDXJ16CbUCkEqfC7rqPUyLh0jGv3hXvZUze9ONPjGC0hMNuAjzPPfHPv1JOChnq9zPvnZBmFcQIFg7rvZVWZ97MXmxJpJPxytVj3wATFnoW80gPgBAOQBgGgBnaAB6zPtcwCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgGEQARgfgAoByAsB4AsBgAwBsBOIgM0MyBP3_4neA9ATANgTCogU5gPYFAHQFQGAFwE&sigh=9y9V1lmIq9A&label=videoplaytime25&ad_mt=3953&acvw=sv%3D20210908%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,53,279,547%26tos%3D3772,0,0,0,0%26mtos%3D3772,3772,3772,3772,3772%26amtos%3D0,0,0,0,0%26mcvt%3D3772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3941%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D48%26pst%3D1%26dur%3D15026%26vmtime%3D3953%26dtos%3D1771%26dtoss%3D2%26dvs%3D1771%26dfvs%3D1771%26dvpt%3D1771%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3772,3772,3772,3772,3772%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D181768971%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3772&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1632342460504
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4935391381679681&output=html&h=280&slotname=4398886239&adk=567909160&adf=2122034364&pi=t.ma~as.4398886239&w=600&fwrn=4&fwrnh=100&lmt=1632342459&rafmt=1&psa=0&format=600x280&url=https%3A%2F%2Fwww.docspal.com%2Fviewer%3Fid%3D-&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632342459483&bpp=7&bdt=229&idt=121&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=4403220150140&frm=20&pv=2&ga_vid=1373469401.1632342460&ga_sid=1632342460&ga_hid=660013125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=500&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062423%2C31062524&oid=3&pvsid=1602766978417665&pem=810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZhDqF5KP0&p=https%3A//www.docspal.com&dtd=134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 20:27:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| I18N function| $ function| jQuery function| MakeRequest function| AbortLastRequest function| IsValidEmail function| IsValidUrl function| ToFixedNumber function| FormatFileSize function| GetInputFileSize function| AlertUnsupportedFormatType function| renderModalTemplate function| ShowNotificationMessage function| bindDragAndDropEvents function| GetCookieOptions function| SetCookieValue function| SetCurrentLanguage function| BuildPhrase object| LastRequest function| ProgressBar object| TRANSFER_TYPES function| FileTransferTask function| SwfUploadWrapper object| destinationType object| tempUnavailable object| fileTypeByExtention object| presets object| defaultOutputType object| fileSizeLimits object| ConversionTypes function| DP_jQuery_1632342459383 object| Forms function| InitViewerToolbar function| Viewer object| dp object| VIEWER object| JOB_STATUS object| filetypeOptions function| SetLanguageAndRedirect function| GetLangPageUrl string| GoogleAnalyticsObject function| ga object| adsbygoogle string| VIEWER_URL object| jQuery191032233023704366803 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
www.docspal.com/ Name: PHPSESSID
Value: pl3vocom74hoeipgal857dogi0
.docspal.com/ Name: _ga
Value: GA1.2.1373469401.1632342460
.docspal.com/ Name: _gid
Value: GA1.2.1415384109.1632342460
.docspal.com/ Name: _gat
Value: 1
.docspal.com/ Name: __gads
Value: ID=3e0b6f5ff85ead2d-22785d8f48c90038:T=1632342459:RT=1632342459:S=ALNI_MbdDBfPk_y-KNjo-NmaCwFzkDW-pw
.doubleclick.net/ Name: IDE
Value: AHWqTUmC1O0kTVGYVmh2HLubX33Umpekadfpa7tHJb3glUDKT_ZKcncgEZlIN3GLNME
.casalemedia.com/ Name: CMID
Value: YUuRveF3CTIlzSa3WTbKXAAA
.casalemedia.com/ Name: CMPS
Value: 3166
.casalemedia.com/ Name: CMPRO
Value: 1144
.casalemedia.com/ Name: CMST
Value: YUuRvWFLkb0A
.casalemedia.com/ Name: CMRUM3
Value: 2d614b91bd2760

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
ajax.googleapis.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
r5---sn-4g5e6nss.c.2mdn.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.docspal.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.105.231.167
104.18.10.207
104.244.42.8
142.250.181.226
142.250.184.194
142.250.185.132
142.250.185.163
142.250.185.170
142.250.185.66
142.250.185.74
142.250.185.98
142.250.186.129
142.250.186.142
142.250.186.162
142.250.186.170
142.250.186.78
142.250.186.98
142.250.81.195
144.76.109.82
157.240.236.35
173.194.182.202
74.125.206.157
93.184.220.66
01520616156712ea999b19c7d0627acb4852e46824996cbaf918840edd9db9f3
035bf4204feef95575a2bb2f1dece253a6d43841fe3fe83db3df45be4858264b
052ad869a53a63a4dcc5cc365055adfd5f212ddf3c7953d8dd456b35047d3a53
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
0d7714542fde3ce30719d98ee4ad8371f59667f4b4de4f78d67e8c4b2b2b60d9
0ddd3dc005842bd02b0bba0fa65951f4b64714504c887af0dfcbd97f390325c4
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
3819d0f413bafa599b42d39cb7aeb3f8eadd40c96f606e1b97ebf46d63e20e0a
3c1d42c26f8daa9f66333428765f17f2828f1ad52825046afae232a09a43a913
40613182624bae7c399c59de3e2415d5d707a89d2574a03b19ca14698590b8a5
40cfc83c7a6482f371590842fdaea7143c4b955cf2d0092e3a1ff27f986593a0
4844ef54264e1ca5bda4454e54f1a9ad0669087b157a8551c32b6b6f6a2451b9
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
56f000a686b26e0539d95f395600fa5f80b33005f6f916d9311115d1aa39a946
59ea86b053315ede37d19a6d7a9513ca811a58e3c575ed2ba56db0e04c12df27
5c844391859be030b8cd4c8b279324c07ed6d91c5b51f4370bf8b0f344716215
5cab2566a63e04f6c2892797d50e6460da4e5237916d7bdc5bb0a9fdf39ef6aa
64d2575d82b06557bac4a30aa5e21371b6b3a0a2537c7512811c44737690a378
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8a0725ff32b36f48465864ada4d77813d5ff814e7746120bacf18cde1004ed
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
7f1551f90ab3ca65e29db51c05ec8bcb16750deb40ace91e62573dadb9eac7eb
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
860bc56b818d4bd8e3117b9eff3425620598132f9e30c86f0e1b55d96177cd19
92fa18fd6e4818fcce51024696d30ed870a1a34dea13eb99ad95800ea7c58809
9b23fc7b74a8dace47d13aa1bd952aabd7caae7481f6f922144d837fa7f2b5ee
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa461af97f5d18a6985883f19b84893bc978d480bb937dfdf24bb9510a48a552
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae6432a9076b57e826d1f5e28f76b5fbc266596d3a72f5273c7c7faf734f65c1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43a0d3b5d5c67aae170079548f9e1ba854cf36ce2c9504bf9c26dbd36e3f30b
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
b77cec4c2fad9815a183f71a57c725a745bf1065e4773e0b6941996e0e65d971
b9ab2d75248033446778c77da217ca3adf84dae7f08c3e5052c9df814ae8f2db
ba84976b6d62b2086724bda5b09247d7566b524a5da5f8f82152e17bf175bae0
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1583efa5fa6a65efc68a7e708f23ed1256e946869c83470f03dffb53d10b2ee
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c2ebbd3ad551ba37ef69ea48e0213a0e39590590a1e47ee405982780cb90b573
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb897af71295a7de9bb04c4cd48d51246b422478a8b018a4905a2df84d5cf4e
cd63fe9c1d901829f16a9569cc4a8aefde6f3e229271a140ddfbfd8edf3f0c41
d1198db43a849793aa84ab06d41246b97e223b7addc40d011547a4e363f9798e
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee7591147d6d564a0bdc683fa1d63f03d8dbb45b6f7a8aaf45f2abd97fa4cba4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6df7783f565f2d27764356cc70fdbac55188ccd734e2d98a908ea209f3c0914
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995