www.sharing.wtf Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sharing.wtf/add59dc0f1bb3f17
Submission: On January 28 via manual (January 28th 2022, 1:29:11 pm UTC) from IE — Scanned from DE

Summary HTTP 324 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 84 IPs in 12 countries across 81 domains to perform 324 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sharing.wtf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2021. Valid for: a year.

This is the only time www.sharing.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
51	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::ac43:d9ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	78.46.217.123 78.46.217.123	24940 (HETZNER-AS) (HETZNER-AS)
1	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3031::6815:dbb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:ce2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:14df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:deda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:5ca8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.218.209 172.67.218.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:cf77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:3471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5	88.99.215.229 88.99.215.229	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:303... 2606:4700:3033::ac43:959f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.166.245 172.67.166.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	54.196.80.103 54.196.80.103	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	51.89.24.69 51.89.24.69	16276 (OVH) (OVH)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
1	2600:9000:215... 2600:9000:2156:2e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
2 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
4 4	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	104.36.113.17 104.36.113.17	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.36.113.24 104.36.113.24	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 9	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4 4	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.31 50.31.142.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	54.228.102.236 54.228.102.236	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 6	3.251.21.8 3.251.21.8	16509 (AMAZON-02) (AMAZON-02)
2 2	18.157.252.145 18.157.252.145	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1	75.2.4.128 75.2.4.128	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::6815:5164	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1 2	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
1	54.84.55.94 54.84.55.94	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
4	2602:803:c001... 2602:803:c001::200:194	26667 (RUBICONPR...) (RUBICONPROJECT)
1	135.125.163.79 135.125.163.79	16276 (OVH) (OVH)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.42.29.166 188.42.29.166	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	199.212.255.244 199.212.255.244	25948 (FHMNET) (FHMNET)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:8600:8:3ed5:e880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:2b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.7.202 51.89.7.202	16276 (OVH) (OVH)
324	84

51 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sharing.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3016.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:d9ad (United States)

ASN13335 (CLOUDFLARENET, US)

platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.217.123 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: box.createmyown.website

ads.remix.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:dbb (United States)

ASN13335 (CLOUDFLARENET, US)

freshremix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:ce2d (United States)

ASN13335 (CLOUDFLARENET, US)

beatportmp3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:14df (United States)

ASN13335 (CLOUDFLARENET, US)

scenedl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:deda (United States)

ASN13335 (CLOUDFLARENET, US)

traxsourcemp3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:5ca8 (United States)

ASN13335 (CLOUDFLARENET, US)

edmfresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.218.209 (United States)

ASN13335 (CLOUDFLARENET, US)

dirrty.remix.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:cf77 (United States)

ASN13335 (CLOUDFLARENET, US)

djpool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.215.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.215.99.88.clients.your-server.de

app.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:959f (United States)

ASN13335 (CLOUDFLARENET, US)

app.dirrrtyremixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.166.245 (United States)

ASN13335 (CLOUDFLARENET, US)

app.dirrtyremixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.196.80.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-80-103.compute-1.amazonaws.com

track.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.24.69 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip69.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.18 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.17 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.24 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.221.53 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.31 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.102.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-102-236.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.251.21.8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.252.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: a210f278069827510.awsglobalaccelerator.com

check.fraudscore.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:5164 (United States)

ASN13335 (CLOUDFLARENET, US)

foremedianative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.144 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.55.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-55-94.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.adsolut.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c001::200:194 (San Jose, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.166 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.212.255.244 (Canada)

ASN25948 (FHMNET, CA)

node222.impressionssl.adshop.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:8600:8:3ed5:e880:93a1 (United States)

ASN16509 (AMAZON-02, US)

acdn.flickstree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b42 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.202 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p37.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124 c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com	820 KB
51	sharing.wtf www.sharing.wtf	559 KB
35	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7980 router.infolinks.com — Cisco Umbrella Rank: 2877 rt3016.infolinks.com — Cisco Umbrella Rank: 77746 node222.impressionssl.adshop.infolinks.com — Cisco Umbrella Rank: 556752	421 KB
29	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 pubads.g.doubleclick.net — Cisco Umbrella Rank: 462	309 KB
11	google.com www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	4 KB
10	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 acdn.adnxs.com — Cisco Umbrella Rank: 565	26 KB
10	tynt.com de.tynt.com — Cisco Umbrella Rank: 1328 cdn.tynt.com — Cisco Umbrella Rank: 7672 ic.tynt.com — Cisco Umbrella Rank: 5045	9 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	3 KB
7	pubmatic.com 7 redirects image8.pubmatic.com — Cisco Umbrella Rank: 609 image2.pubmatic.com — Cisco Umbrella Rank: 1032 image4.pubmatic.com — Cisco Umbrella Rank: 848	2 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5557 adservice.google.de — Cisco Umbrella Rank: 8028	2 KB
7	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5710 ghb.adtelligent.com — Cisco Umbrella Rank: 5988 sync.adtelligent.com Failed	32 KB
6	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 675 ice.360yield.com — Cisco Umbrella Rank: 1480	3 KB
5	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	6 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	40 KB
5	playstream.media app.playstream.media — Cisco Umbrella Rank: 150486	76 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	150 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 467	4 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	69 KB
4	dirrrtyremixes.com app.dirrrtyremixes.com	122 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2366 mp.4dex.io — Cisco Umbrella Rank: 2499	24 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 528	2 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	106 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	34 KB
3	edmfresh.com edmfresh.com	27 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 12439	123 KB
2	flickstree.com acdn.flickstree.com — Cisco Umbrella Rank: 302435	126 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 418	310 KB
2	adsolut.in cpm.adsolut.in — Cisco Umbrella Rank: 42460	524 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4833	409 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 284	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 690	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	677 B
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 11585	3 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
2	gaug.es track.gaug.es — Cisco Umbrella Rank: 277120	4 KB
2	dirrtyremixes.com app.dirrtyremixes.com	95 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 23756	113 KB
2	scenedl.org scenedl.org	14 KB
2	remix.es ads.remix.es dirrty.remix.es	5 KB
2	foremedia.net platform.foremedia.net — Cisco Umbrella Rank: 224714	3 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 596	533 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	17 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1204	7 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646	177 B
1	e-planning.net pbjs.e-planning.net — Cisco Umbrella Rank: 7058	158 B
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1818	911 B
1	districtm.io dmx.districtm.io — Cisco Umbrella Rank: 1407	284 B
1	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 7095	624 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770	425 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 921	44 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 969	99 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1228	88 B
1	foremedianative.com foremedianative.com — Cisco Umbrella Rank: 451827	17 KB
1	fraudscore.ai check.fraudscore.ai — Cisco Umbrella Rank: 379363	207 B
1	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 6197	238 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	416 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 877	72 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 702	758 B
1	bnmla.com match.bnmla.com — Cisco Umbrella Rank: 1587	114 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 4389	233 B
1	cpx.to s.cpx.to — Cisco Umbrella Rank: 2057	944 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1044	496 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 588	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	475 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 710	305 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1056	814 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	437 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 12727	145 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 361	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427	16 KB
1	waust.at waust.at — Cisco Umbrella Rank: 36672	7 KB
1	djpool.net djpool.net	12 KB
1	traxsourcemp3.com traxsourcemp3.com	12 KB
1	beatportmp3.com beatportmp3.com	7 KB
1	freshremix.net freshremix.net	153 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1501	114 KB
0	udmserve.net Failed udmserve.net Failed
0	pagefair.com Failed asset.pagefair.com Failed
324	81

	Domain	Requested by
51	www.sharing.wtf	www.sharing.wtf
30	pagead2.googlesyndication.com	www.sharing.wtf pagead2.googlesyndication.com srcdoc 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	tpc.googlesyndication.com	3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.sharing.wtf
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
15	securepubads.g.doubleclick.net	www.sharing.wtf securepubads.g.doubleclick.net 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com api.adinplay.com www.googletagservices.com
9	ib.adnxs.com	4 redirects player.adtcdn.com api.adinplay.com acdn.adnxs.com
8	rt3016.infolinks.com	resources.infolinks.com www.sharing.wtf
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
8	resources.infolinks.com	www.sharing.wtf resources.infolinks.com
7	mc.yandex.com	2 redirects www.sharing.wtf mc.yandex.ru
7	ic.tynt.com	www.sharing.wtf
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.google.com	www.sharing.wtf tpc.googlesyndication.com
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
5	www.google-analytics.com	www.sharing.wtf www.google-analytics.com www.googletagmanager.com
5	app.playstream.media	www.sharing.wtf app.playstream.media imasdk.googleapis.com
4	www.googletagservices.com	3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
4	node222.impressionssl.adshop.infolinks.com	www.sharing.wtf blank
4	ice.360yield.com	player.adtcdn.com
4	fastlane.rubiconproject.com	player.adtcdn.com
4	mc.yandex.ru	2 redirects www.sharing.wtf
4	cm.g.doubleclick.net	3 redirects ssum-sec.casalemedia.com
4	image8.pubmatic.com	4 redirects
4	app.dirrrtyremixes.com	www.sharing.wtf
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	sync.1rx.io	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	www.googletagmanager.com	www.sharing.wtf platform.foremedia.net www.googletagmanager.com
3	cdn.jsdelivr.net	www.sharing.wtf api.adinplay.com
3	edmfresh.com	www.sharing.wtf
2	mug.criteo.com	www.sharing.wtf
2	gum.criteo.com	1 redirects
2	api.adinplay.com	3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com api.adinplay.com
2	acdn.flickstree.com	app.playstream.media
2	imasdk.googleapis.com	resources.infolinks.com imasdk.googleapis.com
2	cpm.adsolut.in	player.adtcdn.com
2	script.4dex.io	player.adtcdn.com script.4dex.io
2	adx.adform.net	player.adtcdn.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ad.360yield.com	2 redirects
2	image4.pubmatic.com	2 redirects
2	ssum-sec.casalemedia.com	1 redirects router.infolinks.com
2	de.tynt.com	router.infolinks.com cdn.tynt.com
2	player.adtelligent.com	player.adtcdn.com
2	t.dtscout.com	waust.at t.dtscout.com
2	track.gaug.es	www.sharing.wtf
2	app.dirrtyremixes.com	www.sharing.wtf
2	player.adtcdn.com	www.sharing.wtf
2	scenedl.org	www.sharing.wtf
2	platform.foremedia.net	www.sharing.wtf platform.foremedia.net
1	id5-sync.com	player.adtcdn.com
1	acdn.adnxs.com	api.adinplay.com
1	c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.tynt.com	waust.at
1	prebid.a-mo.net	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	pbjs.e-planning.net	player.adtcdn.com
1	mp.4dex.io	player.adtcdn.com
1	ads.betweendigital.com	player.adtcdn.com
1	dmx.districtm.io	player.adtcdn.com
1	rtb.adxpremium.services	player.adtcdn.com
1	ad.turn.com	1 redirects
1	match.deepintent.com	ssum-sec.casalemedia.com
1	sync.taboola.com	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	foremedianative.com	platform.foremedia.net
1	check.fraudscore.ai	www.sharing.wtf
1	dm.hybrid.ai	www.sharing.wtf
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	u.openx.net	router.infolinks.com
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	www.google.de	www.sharing.wtf
1	pixel.quantserve.com	www.sharing.wtf
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	whos.amung.us	waust.at
1	z.moatads.com	s7.addthis.com
1	secure.quantserve.com	www.sharing.wtf
1	stackpath.bootstrapcdn.com	www.sharing.wtf
1	waust.at	www.sharing.wtf
1	djpool.net	www.sharing.wtf
1	dirrty.remix.es	www.sharing.wtf
1	traxsourcemp3.com	www.sharing.wtf
1	beatportmp3.com	www.sharing.wtf
1	freshremix.net	www.sharing.wtf
1	s7.addthis.com	www.sharing.wtf
1	ads.remix.es	www.sharing.wtf
0	udmserve.net Failed	player.adtcdn.com
0	sync.adtelligent.com Failed	www.sharing.wtf
0	asset.pagefair.com Failed	www.sharing.wtf
324	106

This site contains links to these domains. Also see Links.

Domain
www.wikihow.com
www.youtube.com
support.mozilla.org
www.howtogeek.com
help.opera.com
www.drrtyr.mx
search.drrtyr.mx
freshremix.net
beatportmp3.com
scenedl.org
traxsourcemp3.com
edmfresh.com
www.dirrtyremixes.com
edmdls.com
djpool.net
djremixalbums.com
remixsearch.net
www.filesharing.io
status.sharing.wtf
whos.amung.us

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
ads.remix.es R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.playstream.media AlphaSSL CA - SHA256 - G2	`2021-04-06` - `2022-05-08`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-17`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
player.adtelligent.com R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-08` - `2022-03-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.fraudscore.ai Sectigo RSA Domain Validation Secure Server CA	`2021-02-08` - `2022-03-11`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adsolut.in Sectigo RSA Domain Validation Secure Server CA	`2021-08-23` - `2022-09-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.e-planning.net R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.a-mo.net R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
node222.impressionssl.adshop.infolinks.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
acdn.flickstree.com Amazon	`2021-07-09` - `2022-08-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2021-07-22` - `2022-07-21`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.sharing.wtf/add59dc0f1bb3f17
Frame ID: 2F1A37D2B918DB7303F7C6BFF4D75849
Requests: 196 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Frame ID: 4BB37B425B681795474084EB6D899D4F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 005B8E2DC03DBF1BA28AAB33A51943C1
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 7A0D04D3C57192B53B809558F89C9CA6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: BF53D984A3794CDDED9E60D097FD9BBD
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 1EF9673B073F6C84FF3502F01DB48E78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&adk=1812271804&adf=3025194257&lmt=1643376544&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544271&bpp=3&bdt=438&idt=203&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2661221419720&frm=20&pv=2&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: 3C40314CC0E7AE3326DB8FE35A1D3E64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=9968197390&adk=3830745838&adf=4191892778&pi=t.ma~as.9968197390&w=728&lmt=1643376544&psa=0&format=728x90&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544274&bpp=1&bdt=441&idt=221&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lqcC0M5GD3&p=https%3A//www.sharing.wtf&dtd=227
Frame ID: 61CAC30F874191DA69ED5C6F2FF12C7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=250&slotname=4212251255&adk=1915298160&adf=180725892&pi=t.ma~as.4212251255&w=300&lmt=1643376544&psa=0&format=300x250&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544275&bpp=1&bdt=442&idt=236&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1057&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UfSG1qzyst&p=https%3A//www.sharing.wtf&dtd=239
Frame ID: 96A0EE7726164BE415AFA5E1C638D35C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=8551670060&adk=2848899565&adf=2390466099&pi=t.ma~as.8551670060&w=970&lmt=1643376544&psa=0&format=970x90&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544275&bpp=1&bdt=443&idt=243&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ffisqc19Q0&p=https%3A//www.sharing.wtf&dtd=246
Frame ID: BA6EA2FC27DF3AA02E6CDE554EB6E489
Requests: 1 HTTP requests in this frame

Frame: https://node222.impressionssl.adshop.infolinks.com/impression/?vh=1539780863&agy=414981&aid=637313&cid=640282&gid=644256&id=644276&st=1643376544&kwid=0&skw=additional&sid=3237252_3&sip=3117783808&pid=18&tid=3&mime=image/jpeg&dev=0&mtyp=502&agtyp=0&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&idfa=&gaid=&site_cat=13
Frame ID: 19C6BA93D1FA7065908B307912E55875
Requests: 1 HTTP requests in this frame

Frame: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B966F0D331E1EA0D6D303C4F7BD37FAC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: BE812CCB173550BF745FE687EDF93F09
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B454F86C353DB0E472F33456CD01951
Requests: 1 HTTP requests in this frame

Frame: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF3FDADADF20DEC99A59D2F229F3DE3E
Requests: 14 HTTP requests in this frame

Frame: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E54C5465209C6832085B4A17CCD4957
Requests: 14 HTTP requests in this frame

Frame: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A66F21D19EE273BED275BE2BFF6150CF
Requests: 19 HTTP requests in this frame

Frame: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DAF25DD8CA172E99C3746E7A30751E6E
Requests: 13 HTTP requests in this frame

Frame: https://node222.impressionssl.adshop.infolinks.com/impression/?vh=1539789520&agy=414981&aid=637313&cid=640282&gid=644256&id=644264&st=1643376545&kwid=0&skw=server&sid=3237252_3&sip=3117783808&pid=15&tid=3&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&idfa=&gaid=&site_cat=13
Frame ID: A611E66D9A7B18E4EDB6EB3F976FEDD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=250&slotname=3546254966&adk=2426902379&adf=272530241&pi=t.ma~as.3546254966&w=970&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545911&bpp=10&bdt=197&idt=204&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=6010198991580&frm=24&ife=3&pv=2&ga_vid=1179723932.1643376546&ga_sid=1643376546&ga_hid=550439547&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4236235423&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=3495137589013993&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uk51gz9qoppm&fsb=1&dtd=228
Frame ID: 532CF0375B82BDA20BE0DBC732351CEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=3546254966&adk=3041473798&adf=272530254&pi=t.ma~as.3546254966&w=970&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545926&bpp=9&bdt=206&idt=245&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=4357060650104&frm=24&ife=3&pv=2&ga_vid=389439626.1643376546&ga_sid=1643376546&ga_hid=1780539547&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1548298141&scr_x=-12245933&scr_y=-12245933&eid=31064201&oid=2&pvsid=1113210353644179&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.imzt2kadl8wn&fsb=1&dtd=264
Frame ID: 695C14B647656C5D7CBEFDDAD6B2CA7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=3546254966&adk=2834947142&adf=272530252&pi=t.ma~as.3546254966&w=728&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545989&bpp=6&bdt=260&idt=221&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=74279130059&frm=24&ife=3&pv=2&ga_vid=567113236.1643376546&ga_sid=1643376546&ga_hid=1338826182&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1576167272&scr_x=-12245933&scr_y=-12245933&eid=44753656%2C31063221&oid=2&pvsid=1723598639359452&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8tqupiulh9yx&fsb=1&dtd=238
Frame ID: A19FBAF5EDE179088FAE2AC3C60BBAB4
Requests: 1 HTTP requests in this frame

Frame: https://c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 21EEA0E4A93640FF99CE6A1793109844
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48251FAF11DE3C58011574B3CF3DD5B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 973F35F0D5ED8DC99C31CFACF5F3D6B0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CDE2EAA06367D798A85ADB8ED80DB0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8363AB35FB690BD6A889AF5917B3D8F6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A6F6CF75A8E9FC3920AB1B479E9DEAF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16C771B62CEF316F55C99A554EEF7FA2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 352A45832939B782B86328E9DDA51CEB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38967E1A7B3510FF4853FCFB81B4340E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2623864647E19654233E766990DA9A9B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Timmy Trumpet, Azteck, Darren Styles - Dance Tonight (Extended Mix) Hardstyle.mp3 - sharing.wtf

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery Sparklines (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

jquery\.sparkline.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

324
Requests

92 %
HTTPS

42 %
IPv6

81
Domains

106
Subdomains

84
IPs

12
Countries

4020 kB
Transfer

11136 kB
Size

98
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wikihow.com/Disable-Adblock

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=roWd3cISn2M
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=yTKlAPUNTwk
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LgIQY3uavf8
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-US/kb/tracking-protection
Title: Firefox's Tracking Protection

Search URL Search Domain Scan URL

URL: https://www.howtogeek.com/342986/how-to-disable-chromes-new-ad-blocker-on-certain-sites-or-all-sites/
Title: Chrome's built-in ad blocker

Search URL Search Domain Scan URL

URL: https://help.opera.com/en/latest/features/#adBlocker
Title: Opera's built-in ad blocker

Search URL Search Domain Scan URL

URL: https://www.drrtyr.mx/post/announcement-bad-news/
Title: More details here

Search URL Search Domain Scan URL

URL: https://search.drrtyr.mx/file/add59dc0f1bb3f17/Timmy-Trumpet,-Azteck,-Darren-Styles---Dance-Tonight-(Extended-Mix)-Hardstyle.mp3/
Title: More at remixsearch.net

Search URL Search Domain Scan URL

URL: https://freshremix.net/
Title: freshremix

Search URL Search Domain Scan URL

URL: https://beatportmp3.com/
Title: beatportmp3

Search URL Search Domain Scan URL

URL: https://scenedl.org/
Title: scenedl.org

Search URL Search Domain Scan URL

URL: https://traxsourcemp3.com/
Title: traxsourcemp3

Search URL Search Domain Scan URL

URL: https://edmfresh.com/
Title: edmfresh

Search URL Search Domain Scan URL

URL: https://www.dirrtyremixes.com/
Title: dirrtyremixes

Search URL Search Domain Scan URL

URL: https://edmdls.com/
Title: edmdls.com

Search URL Search Domain Scan URL

URL: https://djpool.net/
Title: djpool

Search URL Search Domain Scan URL

URL: https://djremixalbums.com/
Title: djremixalbums

Search URL Search Domain Scan URL

URL: https://remixsearch.net/
Title: remixsearch

Search URL Search Domain Scan URL

URL: https://www.filesharing.io/add59dc0f1bb3f17?pt=8c%2BgG4gdDD1E2PXm98BbkKBzA9N4f%2BvQY0tWvJlJ4SE%3D&sid=g488miifvp5mkfq6qp3i7gpde2&np=2
Title: FREE DOWNLOAD

Search URL Search Domain Scan URL

URL: https://status.sharing.wtf/
Title: site status

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/0akrqdovxs/
Title: 50

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 112

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE1NTdBQ0ItNjRENS00NUU1LTkwQ0UtMTgzRTE1RDFEM0Qy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE1NTdBQ0ItNjRENS00NUU1LTkwQ0UtMTgzRTE1RDFEM0Qy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DC1557ACB-64D5-45E5-90CE-183E15D1D3D2 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=C1557ACB-64D5-45E5-90CE-183E15D1D3D2

Request Chain 113

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=7422828097157295699

Request Chain 115

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-5dG0rxhE2uEaHuUQe0RHbA7Ek4_z0tgICZFqR5U-~A

Request Chain 116

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1643376544510 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7956066447 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7956066447 HTTP 302
https://sync.1rx.io/usersync/tradedesk/5ea1bb03-98b3-4cdb-afcc-0b5b1da817e5 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-ffe35f99-d972-4e4b-98b5-a63be27db230-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003

Request Chain 117

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 119

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.sharing.wtf%252Fadd59dc0f1bb3f17&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.sharing.wtf%25252Fadd59dc0f1bb3f17%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&pid=12306&adnxs_uid=7422828097157295699

Request Chain 121

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
https://router.infolinks.com/dyn/imd-usync?user_id=4a1e42c2-362a-4dab-90ad-9fbb714158c7&partner_id=1531

Request Chain 122

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP433929bf-803e-11ec-93aa-064c62b4fd54 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-g9rraANE2uGLyvB5BPknAO8BJtXiOKfS~A~UP433929bf-803e-11ec-93aa-064c62b4fd54

Request Chain 124

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=53b284b48c0a37e4d1f462d2

Request Chain 125

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC1557ACB-64D5-45E5-90CE-183E15D1D3D2 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=C1557ACB-64D5-45E5-90CE-183E15D1D3D2

Request Chain 126

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=5107433822481541973

Request Chain 147

https://mc.yandex.ru/watch/87053707 HTTP 302
https://mc.yandex.ru/watch/87053707/1

Request Chain 148

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB&dcc=t

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfPvoJsZWiVRQjrxszxMMQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJT4eydYXM7Bgx85hxSI35I&google_cver=1&gdpr=1

Request Chain 155

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2955104588892394069

Request Chain 188

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9532.KiEqVtEF7XCjcMSGDwG7ZO4obGhmoEXmo3lUnDYB2OUOMFnRTne2xeB4Scre1pvF.fRlEzI4wiUTopLMIrx1cAcj670Q%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9532.D_5HSdnFJ1kbUS5w8CswtUQ9uyVtAACvRHVbxNwYDk53lp3KJmcv8cp-hS-5p8DEvi9K_RIim8lvlOvve2ZDziIY_PJJ_bxeukbtwNObv1o%2C.9CcynhSH3u82G6BCHc-wToqjGM4%2C

Request Chain 195

https://mc.yandex.com/watch/87053707?wmode=7&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A806032038360%3Ahid%3A931952479%3Az%3A0%3Ai%3A20220128132904%3Aet%3A1643376545%3Ac%3A1%3Arn%3A718973572%3Arqn%3A1%3Au%3A1643376545693577960%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643376543437%3Ads%3A11%2C132%2C249%2C15%2C0%2C0%2C%2C308%2C17%2C%2C%2C%2C716%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643376545%3At%3ATimmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/87053707/1?wmode=7&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A806032038360%3Ahid%3A931952479%3Az%3A0%3Ai%3A20220128132904%3Aet%3A1643376545%3Ac%3A1%3Arn%3A718973572%3Arqn%3A1%3Au%3A1643376545693577960%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643376543437%3Ads%3A11%2C132%2C249%2C15%2C0%2C0%2C%2C308%2C17%2C%2C%2C%2C716%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643376545%3At%3ATimmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20%28Extended%20Mix%29%20Hardstyle.mp3%20-%20sharing.wtf&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 324

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sharing.wtf%2F&domain=www.sharing.wtf&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=WJmYWXxFRkZkK1dGYnFkYy8vdWRCZFNDMkxoNlVYNGFJb050NkZtampFZWg2RWU2N1o0R0c1QjhkSWNIZTE3MDdJbmZnSjJ6SkwvTnB4L0Q3YjNpcFA2ZVNocERFTUVmazdHRmpLaXVjTFRUQWg1cTB1bW1UNGlyY1BiUXI0VXl5MlhhWlZZWlg3aERybnpJNHorVHRNZnFBMThtWGFTa0JwSkpHaGkrY2YzdnpVUXVHYTNYY3NnVk1LbWh1bGVMam1qS3BFeXBpSmlzL1NlWFhzOEttUHZUd3ZmQTFSTDdoSXJaWlBNZVZ5cEdRQXJvPXw&cppv=2

324 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request add59dc0f1bb3f17 Show response
www.sharing.wtf/ 165 KB
48 KB 393ms
249ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e354fc3b46b8e628749737188716e04705feca86feb0fd6d6768d15bbd16048e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
x-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9HXZX4YDZp2sjTlq4G50qRW0C4liszs280e4%2BqV1wq4I34IcpK0E9m5jvpepHqLx64LAiDCnUNJhvDwo%2F3ZzDIlzIEBcz96Q7fLaLeQ23xqOThSZnGZVTx%2FdjcNrja2r7nlgySTG65WPaDtyJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d4a91456d475c1a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 6fpFc5rlrPMaf0p7BwX_h0pswB4.js Show response
www.sharing.wtf/cdn-cgi/apps/head/ 6 KB
3 KB 26ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/cdn-cgi/apps/head/6fpFc5rlrPMaf0p7BwX_h0pswB4.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4a269d0a2178b485f9a4428eb0f49f942e583ca6e24a4926a86744633d5d7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2011048
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JF056K4RHB7CWGVM
x-amz-id-2: eCai3l3YDV5lvgeV2Yd3YJzOJGHT0D0rh918E/XYX8EGAjkueXS1PUMQdFAR5NSMSt9UI03af2I=
last-modified: Wed, 24 Oct 2018 12:09:25 GMT
server: cloudflare
etag: W/"f19e40d0eb856c21be82a33386e62a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tbsVbS%2Fp2WunakToUiVpUorpc7e0HxEjx9tEnIhg0ikdXtu%2FRIpsZg%2BVNFEDkig8hey31gLWiTyx9Qlb0OTVAEMVcSwBIkLwVKqpNhG7yRilDi%2FsKbnXRv0TZXmVIiudHxbVuYTHhuiH2VUFOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: p8I86TYAcT6FKCxrWt_KwKaM9CXwYnYD
cf-ray: 6d4a914719cb5c1a-FRA

GET
H2 200 prebid4.13.0.js Show response
www.sharing.wtf/ 250 KB
77 KB 30ms
29ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/prebid4.13.0.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd87cf36d9f35db800b433d20f5159731da93c14c68354058acdc51cb1a0bd58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197386
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Fri, 04 Jun 2021 21:28:08 GMT
server: cloudflare
etag: W/"60ba9ae8-3e77d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcKy%2BsZSCY2t1FQ6Ycr6AEOi3s95Tn8yXsCFqcYmJtRJ%2FhHFGg3uvjNQLOw2NRaQtJsGKM%2FoZ1E%2BQzQVgaQtvf2x6IfC5zNfYw1bRBbSTHTHLofDYEIKos6%2FlclQYL2UrgMI0t4jdO0xnyssznU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719d35c1a-FRA
expires: Wed, 09 Feb 2022 06:39:10 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 59ms
25ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56232ab3283e454489f0e3fe503cc511856b765c5566d5210aadacf81ba3fffb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d4a91474f279255-FRA
date: Fri, 28 Jan 2022 13:29:03 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 09:02:06 GMT
server: cloudflare
age: 1606
etag: W/"d9c-5d6a0b07078c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Fri, 28 Jan 2022 14:02:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 155ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5945208862215231

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1df256eecdc5410c5b7e6cfc2195ffc2c6434eb01f67ec31059c9a4b6af39a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52024
x-xss-protection: 0
server: cafe
etag: 7964592808822526544
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 socialsider-v1.0.css
www.sharing.wtf/themes/flow/frontend_assets/socialsider-v1.0/_css/ 33 KB
4 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755d33022faa2a301317f57104f9e3b27138fef9f84a3e285e07a1265ac702ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
cf-polished: origSize=36171
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-8d4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLnZATxITRd2QTA2JrggUGpm%2FB0czKHWVtfIUDP47WxWIjg05x84zcC9UaI9FQWIdGkn18wmWBRb5M2tVzHJYQaqWS9kW%2B2r9%2Fhg3i3tLabakZGJ5dR2Mvq4fGqKfmnnwSIqwCYZ%2BC77EQLDJgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719d65c1a-FRA
expires: Tue, 08 Feb 2022 04:10:32 GMT

GET
H2 200 All-stylesheets.css
www.sharing.wtf/themes/flow/frontend_assets/css/ 793 B
768 B 24ms
23ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda80a344f493a216c0242e0b2c0e1ad9381c6124236e69d700d249b3b899098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373557
cf-polished: origSize=1470
x-cache: BYPASS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 12 Oct 2021 17:32:13 GMT
server: cloudflare
etag: W/"6165c69d-5be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B4NOoTVroAwZJ3%2Ft3u8yCJheBjY5AZA%2BHcxZesvPQQ53Yz%2FaVBZxDQl%2BMQ212T64cs7CzVIRb5QHDKEAfqoJcCeUXYFT2a4rdxAV2qV4aNqrxIFro3C3AFqKzg8QoEVUnZcUaTUfog6WKNTnN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719dc5c1a-FRA
expires: Mon, 07 Feb 2022 05:43:06 GMT

GET
H2 200 custom.css
www.sharing.wtf/themes/flow/frontend_assets/css/ 7 KB
3 KB 22ms
21ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/custom.css?v=11.16111
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8362e39aba607c86620ec90e80362d94156610ceb0bb506b390952d1ac903534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
cf-polished: origSize=9920
x-cache: BYPASS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-26c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjkKM8udpQ1GGLbcm%2FrIYq4lrWof0eVekS%2BytXceT4V0ig8AF%2B9ofz3zbdCtmaTOZg0SjXbWAA%2Fnfjv7xS0T%2BobWoKYaat3kX%2FX3ACXhEdqEfBSselkHedWUixbcM8gffkPnjxT0oj%2FQefjla6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719de5c1a-FRA
expires: Tue, 08 Feb 2022 07:05:02 GMT

GET
H2 200 flow.css
www.sharing.wtf/themes/flow/frontend_assets/css/colors/ 2 KB
1 KB 58ms
57ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/colors/flow.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b5fa539234afc2f04a8916f13a3ab973a82d4def74d62e46cbff04621255ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
cf-polished: origSize=2626
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-a42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoBPjVtPnwEfmzN76Q4evo0vZAFRTzbhmjPv4wbjdlxZaWSIasPp%2BVEp9WT%2BThGlpbbhoP6xJG3szk7SleKSc81SuyeTsL5mXEocizekhiZ1i02C5H7Fwc2f3eCcMoOJjbqgYbY%2Fp0GY8Gdrg0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719e05c1a-FRA
expires: Tue, 08 Feb 2022 04:24:07 GMT

GET
H2 200 responsive.css
www.sharing.wtf/themes/flow/frontend_assets/css/ 2 KB
1 KB 20ms
19ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/responsive.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33439b0e4aaf1a05e869609e0b43eed3173ac103afac8a4376a1f3c55bf56678

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
cf-polished: origSize=2844
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCQo5a%2FKb0RwNs8ISNX8VUKMrSZWsGcgxeZ9sK94i1MrpqEs1%2BTmFHhpJA%2F1DLTNcM1H%2BbxL%2BUy1FfxofiHa7wUiQniLoroYfVi3XXZXO3InwpUYnLvFViERTLxYAh4ZE6FxkyteuSLBn2ziU8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719e15c1a-FRA
expires: Tue, 08 Feb 2022 04:10:32 GMT

GET
H2 200 entypo.css
www.sharing.wtf/themes/flow/styles/font-icons/entypo/css/ 12 KB
3 KB 22ms
21ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/styles/font-icons/entypo/css/entypo.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad56337270c6fd9a8e1eb1dfc162878e6b571c79cd9ea55d08ba8bcd0dc97ac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 719135
cf-polished: origSize=17909
x-cache: BYPASS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-45f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lStq%2FKxtgwep3wEdJWyY6PEq%2BrCP%2B2DW1Hn2DH4O6DHurgmPVy9a1qwAFOTwzisUj6rWhZ9ECedPX0fv9hlbZut%2BorgHpfTPrc3P3TqBLTKWFvzeNb3H5I6BFV10GjrPP46YRqGQ54SCLaXEhuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719e35c1a-FRA
expires: Thu, 03 Feb 2022 01:36:28 GMT

GET
H2 200 file-upload.css
www.sharing.wtf/themes/flow/styles/ 5 KB
2 KB 38ms
37ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/styles/file-upload.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cf1db69eaf84cb88cd1efd33c7346f8257bfea088837a62ccdefa96efff7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
cf-polished: origSize=7543
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1d77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeIbXtRbXQZuQanRb%2FUNqlCBA8JSWzlGMdGePhLkWYKuxWw7RqHmbFR7UmnPghbysoqU1jGjWglaavy2sG7Nf2jukPrD4vY%2FAlDDwL0pkJIHQ3eoTdOhcXFsoeg7zy1za1kLtMCFj3kbWrblAAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719e45c1a-FRA
expires: Tue, 08 Feb 2022 04:07:06 GMT

GET
H2 200 modernizr.js Show response
www.sharing.wtf/themes/flow/js/ 8 KB
4 KB 18ms
18ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/modernizr.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15479ef5a4c3308a3c3acbdb1841035df455d9b7e6f2acec6d29ec9aa1df246e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801046
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-20b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewAqLUCcB3zIqhVjtlTYPBFaR7jBKti%2FG40vJ3a0eKv%2F6BvvXp1uj5N%2B9LUIfFOuGJheZB5Lhewh7GSBXluEEwEe5wz%2Fj65zzRA%2FIvbxze%2F8%2F92D56wtJ%2Fm%2FQYMsXdP8csX0SHoBAzb7L%2FGSSCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719e75c1a-FRA
expires: Wed, 02 Feb 2022 06:04:03 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
www.sharing.wtf/themes/flow/js/ 94 KB
34 KB 35ms
32ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery-1.11.0.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 634559
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O6M3TOd9IrPWsZVLT0YT%2FH79Wj2GTVU2puGGi%2Fvttn%2FjwvfELtwB%2FZgPtiJWXxVJjCwcv7%2FIpn3si2G20m4spw4TNGAeUdiVf1LXtNGAGPirrsJxUqh2pywXwXuv0vOBzZ1PghJaSdr%2Bd4ieok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719f05c1a-FRA
expires: Fri, 04 Feb 2022 04:17:02 GMT

GET
H2 200 jquery-ui.js Show response
www.sharing.wtf/themes/flow/js/ 426 KB
106 KB 37ms
34ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery-ui.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 634122
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-6a684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwXV6Rgc87%2B6ytCgip9E3JEMi2tSzh0by%2Foxqi0MhKviuUzaETi8Zyz62dFD45qlaTo2FGhhdGmsdYTUHd3aug1wmlBVIR9wFeMOwMfixHCh5Iwn45quOv%2F10%2BdpxkVISqDqmH7gM2bFZoR66bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719f35c1a-FRA
expires: Fri, 04 Feb 2022 05:20:21 GMT

GET
H2 200 jquery.dataTables.min.js Show response
www.sharing.wtf/themes/flow/js/ 68 KB
20 KB 26ms
23ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.dataTables.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197156
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-10fe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGieZkJsTXDSWwq1ck3g0P%2Btcxwe%2BLWfMaO9RK0szFpYTpTOUShHTSWYrQQ%2B%2B2gIStkuKS2S48ht0FybP0T98hCQ54Q%2BJpYAh%2FTkJMxCKrTwDiKuCzJbschblUUu6Ps6ockDqL7McCSQVbNMJuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719f65c1a-FRA
expires: Wed, 09 Feb 2022 05:08:11 GMT

GET
H2 200 jquery.tmpl.min.js Show response
www.sharing.wtf/themes/flow/js/ 971 B
975 B 35ms
32ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.tmpl.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9509c1e67bedbaded059d0aa8d5cee65cee3c9e3f43a5952a7a233cbc10810ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-3cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JChxoLAGkfVlX7hnbD2ueBq9dwhvq05SMptwhsUIPjiXhuKip03%2F1eatbFTyDgpBSPLYAGcXMWoh94gejM%2FljemTypK2g6PZNoOXuIQgdJ0lLfB52c5as2BN%2F0UgB2G%2F5F5YUdPR5iqGhkVp%2B%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719f75c1a-FRA
expires: Tue, 08 Feb 2022 04:24:07 GMT

GET
H2 200 load-image.min.js Show response
www.sharing.wtf/themes/flow/js/ 2 KB
2 KB 42ms
39ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/load-image.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b49885ee9e161e5595dfe428642255234d8d557c85699bb8bba72499717498c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197156
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-9f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb6pGmC48JRYK9yJap%2FNSgS7wdHVZ3kgQN9pUhYdaYE0iJU53KMAkw41gvhFGf5zzvvF1DjLEX5k5QT3AEWJG%2FXU0eIg5UBorCsk0VuJtvTrwZ%2FhFy38qR1d3RFsm0oC5abXW3oy0zYXmAEZo4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719fa5c1a-FRA
expires: Wed, 09 Feb 2022 05:08:11 GMT

GET
H2 200 canvas-to-blob.min.js Show response
www.sharing.wtf/themes/flow/js/ 1 KB
941 B 42ms
40ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/canvas-to-blob.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233a048b5eab2ecc75e2f72bf9a65de6ac06e697746156ade5b144305d76ca3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 634122
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-408"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wB5HVCFrFS%2BHcn2j2XzwLfY9Qp3kz3VVDsHfKJ89F90KpNJe%2FeSksGe6lSa%2BB%2B4aucngdf7FiptvhY7Xt5gVVND1BV9bl9PwXS6B1%2FhPZfsiqIwr%2Bx1lS26ZohRFpb44M3vQs%2Ffdat6%2BQNndY00%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a914719fc5c1a-FRA
expires: Fri, 04 Feb 2022 05:20:21 GMT

GET
H2 200 jquery.iframe-transport.js Show response
www.sharing.wtf/themes/flow/js/ 9 KB
3 KB 24ms
22ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.iframe-transport.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3f67c68965b4076cc7bc531f648c3a15aa30c1b9cede0486afd4eb4353f8c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197156
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-2427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQBPGCYQs4b%2FvcD%2FDMa2%2BxJQY%2Fxr8WkPliN0tgBjRNHA7pUjHvif1RIFCVwTf4Pjxta%2Fu8IsQRIdBPsFsSqEXt67fltCpPn%2Bai80fDizD9hZ4%2FbO%2F2bZtaJIHzFCyRxCiQs6yUZaxRC%2FiwvBZ2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a015c1a-FRA
expires: Wed, 09 Feb 2022 05:08:11 GMT

GET
H2 200 jquery.fileupload.js Show response
www.sharing.wtf/themes/flow/js/ 55 KB
12 KB 45ms
42ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.fileupload.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f809de94a782db6c7c5bc85db8bc8f6b05b1a473f736080b3ea8377fd6ed35cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 633291
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-dbd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8WF29OZE7%2BAbRe2wywwXVfajHfDQmoOD%2FM2oSgApb3bjt3gIL6hfO2yJE%2FIFRh8fQePn%2B8QxKoja6jpuCD5cAfc%2B9%2FthRZt3NHX3Lk50sMxupmtXoZQnY%2FsRAIENV4MUKYWxSQDymC8TUNQWdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a035c1a-FRA
expires: Fri, 04 Feb 2022 02:47:05 GMT

GET
H2 200 jquery.fileupload-process.js Show response
www.sharing.wtf/themes/flow/js/ 5 KB
2 KB 25ms
23ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.fileupload-process.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6626568ee243b737cdfc12efc464eb97d786bdcce590a0326427e11f360293f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-14b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCpZIwoij7IbxOSyWsKNB2W2Qo3xT6wrH9isjOD5Syh3pGIFfZ29nFXGYnfZL%2FRv%2BMGSZmOFoFYLhxzsiw1LV2432KxLJ9ijB8Fzf2fP3TXs1zV4CP8qjH6DMgRFFCkOk69eIAMDFBTRuD7styQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a075c1a-FRA
expires: Tue, 08 Feb 2022 02:19:46 GMT

GET
H2 200 jquery.fileupload-resize.js Show response
www.sharing.wtf/themes/flow/js/ 8 KB
2 KB 35ms
33ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.fileupload-resize.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6f1126fbf381ae50f1264f82d5d2c55c400067557abf21387ab4c72af624cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631580
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1f7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY5R1Ig3OTaqE5soWd5ZCjpyaOpRX8ibRRgGNYN0eydnf7ZWexsZN2DLLujH9FF8NGxyhzb5FRRwXB7bsVOpf89JZEU%2Fb0M82ZSeG2RYkOflTO1fmnSq8C7qusvGwavqYBGeDufbQMthTRTmPhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a095c1a-FRA
expires: Fri, 04 Feb 2022 05:50:42 GMT

GET
H2 200 jquery.fileupload-validate.js Show response
www.sharing.wtf/themes/flow/js/ 4 KB
2 KB 34ms
32ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.fileupload-validate.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217bffe44b964e10fe120949b9a143b665a8c03a57ab348713de7d8b2878345e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXxIZGwvLIFqyNo5m8EljGcIs7G7fixG5tCiiYLxx%2FCAIVMc32D%2FL%2BnXBlF83KBaZkSjas8TXHfsxRJCKktk1xeKDHMMO8iSxMh22Z0OL9k5fnl%2BP%2FVmn3RDNhlJJOmYguIVFvsDeRzioThAA%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a0d5c1a-FRA
expires: Tue, 08 Feb 2022 02:19:46 GMT

GET
H2 200 jquery.fileupload-ui.js Show response
www.sharing.wtf/themes/flow/js/ 24 KB
5 KB 32ms
30ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.fileupload-ui.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-61ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biMntfeBHFILfkC4gbnQOPRcAs2OUOX0ga%2Fd263KSNEwg38WFhX8TOgijO2M4sNGp%2BEIRkMk4hPYeZTQVXNxB2ejG02sreyjogBseyowDweed0RRhMR1qq8aSrQp8G%2BwN4zQTxLEeVUITM%2BGgyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a105c1a-FRA
expires: Tue, 08 Feb 2022 04:24:07 GMT

GET
H2 200 ZeroClipboard.js Show response
www.sharing.wtf/themes/flow/js/zeroClipboard/ 15 KB
4 KB 33ms
31ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/zeroClipboard/ZeroClipboard.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7fe89a030ea54a29616f0a473366e07d109dfb775f2afa050c2de82e3606fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15770
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-3bd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrO3kE3H5c0AZ9dpcqekevpTbIuMbo7vzw59id9Jiv2tQzRo8KMFIrtvSBQhhiOs5tDvUTZs2lRKZiOCqStvitaoCfSmVTF5qMRHvJt%2B8Mp8s8mhtEtS3%2Fy6plaYuBzk46SAmrRDENnB9Vdeu4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a125c1a-FRA
expires: Fri, 11 Feb 2022 05:48:30 GMT

GET
H2 200 global.js Show response
www.sharing.wtf/themes/flow/js/ 3 KB
1 KB 33ms
32ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/global.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569de589d8cef183783583db15262ecd761dc4ca47abd2645b2b475116fdb47b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 634122
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-a20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PueP3QoTSpj12roD5sdYgG%2FL40rnmw4JgDIzDXxGNHHzB%2FVyOxly8McmEgZmDsdL4dNVTjlJnN8Ar%2BqLQ2vbiOPH%2Fbn6krmEP%2FquulUD1M2JntB3N8pSoz7dTcz8oYg3VNFsi2rKMQW7KzZZceU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a165c1a-FRA
expires: Fri, 04 Feb 2022 05:20:21 GMT

GET
H2 200 notications.js Show response
www.sharing.wtf/themes/flow/js/ 6 KB
2 KB 44ms
43ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/notications.js?r=1
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71856c43c19b9468c42505f7acbe8a4e12bacb3c3c078dcc2d212cf7aa26a639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373557
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-16fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F70YgbKWawxWja9mpk77w1X3aEw0JcV0NaJHZvSpTZkU2fja2K38GQw5zMLhjARWONT82Rvr7oJEMQhQtOEmeRsQPbUEpGtkvrzMFSmoKy9B12h3%2FodmRXtjXNc7LYZOnrSkg%2FyzwR%2B2rc4PIrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a185c1a-FRA
expires: Mon, 07 Feb 2022 05:43:06 GMT

GET
H2 200 jquery.sparkline.js Show response
www.sharing.wtf/themes/flow/js/ 121 KB
25 KB 44ms
43ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/js/jquery.sparkline.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2bcb0b842f3ed514ec601e5e72386ad0ed0c348a3ad505a0846ccacbc34834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373557
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sun, 16 Jun 2013 03:19:56 GMT
server: cloudflare
etag: W/"51bd2edc-1e236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHVLO1LlCsEHxZtBPGN4w8u%2BXdpO7AABQVXWiFF9EMatxXq0vEXZhC045eqVAVYtECEqpBgpMaXNABr2ZW3Bm450Tqe5aCFX2mkDejKDP%2F9H63eFQwW23ofSnUh30vmy6WNYKi47nbpbncQbrkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91472a1a5c1a-FRA
expires: Mon, 07 Feb 2022 05:16:19 GMT

GET
H2 200 analytics Show response
platform.foremedia.net/code/8619/ 1002 B
999 B 153ms
114ms Script
application/javascript 2606:4700:3030::ac43:d9ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8619/analytics
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d9ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0598dd3e4f64e38ef01882d8f3d8e1956e4bbb52c5a7fc02fdb6a5d9d1791956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ConnCdkOyk%2BJ1KCguSQaCv%2FzV120P5SitZprZospcdzehqpBR%2BlLwjIPhsYzDCqCc%2BeJLEekB3qXfQw%2Ba6QfuexVdnrDKeglQjMKlSsMJXnJqdFlbs0XB734QVf6yE6lVvh7i7OnGWpI5AMCRXCBkems3imV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 6d4a91485847920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 primary.jpeg
www.sharing.wtf/themes/flow/frontend_assets/images/adblock/ 13 KB
13 KB 45ms
41ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sharing.wtf/themes/flow/frontend_assets/images/adblock/primary.jpeg

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373566
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12809
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: "5deb2656-3209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOC2b3bcvSmPEnOBrO7o0suOitETR%2BowNs145cGJ8YG%2FNOz4y28xkcEKNQDDDOn15dhrJ%2B04lVP0o83frGFIEiv8sYQfCP0O%2ByeQzCoHzuBzNFijGSrAiIIPQrF65AZhwNRvaN05EZpZ3QKX3XM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91481e9468ec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advertisement.js Show response
ads.remix.es/ 164 B
304 B 60ms
11ms Script
application/javascript 78.46.217.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.remix.es/advertisement.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.217.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: box.createmyown.website
Software: nginx /
Resource Hash: d71599238e25608faec1d4fb7286e308dcf8322a66ec45f32a9c0a8ec808ba5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
last-modified: Sun, 06 Dec 2020 02:15:07 GMT
server: nginx
accept-ranges: bytes
etag: "5fcc3eab-a4"
content-length: 164
content-type: application/javascript; charset=utf-8

GET
H3 200 adbdetector.js Show response
www.sharing.wtf/ 13 KB
6 KB 43ms
42ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/adbdetector.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd451f4c6497debe481c082c5df0f6abd7aeadab1c3f96ec75b69f738edcdd53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:06 GMT
server: cloudflare
etag: W/"5deb265a-35ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6jBwX04F3eRdk30JiRW2T8xY9hnPtpzyMjStHxQEaeuJ7K98VApV4s11w3UWdVysfZe8lM5ilK5AZEKH1KTeE%2Bbkt91qWgYLUKA1SY359GxYYlSiJ7lcdrNJfH4U3ehpz9b5fy4ic%2BH20tKpao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a9147ede368ec-FRA
expires: Tue, 08 Feb 2022 04:24:09 GMT

GET
H3 200 logo-sharing.wtf.png
www.sharing.wtf/ 8 KB
8 KB 28ms
24ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sharing.wtf/logo-sharing.wtf.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10d44d4a92b0e7019f127423dd660872a353e6dc5d9510c52706c709202f85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9882633
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7842
last-modified: Wed, 06 Oct 2021 04:11:12 GMT
server: cloudflare
etag: "615d21e0-1ea2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XB3xX%2Bze4HMeBxZKnufbV8RLjtKH3pC3ChMEhqaza3fSheGYCM6ZodWK3cX4WovZnwg5E0%2Bv2qMSTothppWmbt54IITTKkuYq0JTPK48jscDJkX5qWIuJYuez4Ffg8vMPucBQoFt3QqQ%2BEzZFVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91481e9768ec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 50ms
25ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 28 Jan 2022 13:29:04 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 172ms
75ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65ca07333aae7a3e59fbb77cf883f58356fb5cd7ec1fd98894a2292a8f207c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52023
x-xss-protection: 0
server: cafe
etag: 13309181534218981335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 freshorange0-1.png
freshremix.net/wp-content/uploads/sites/37/2021/06/ 152 KB
153 KB 258ms
59ms Image
image/png 2606:4700:3031::6815:dbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freshremix.net/wp-content/uploads/sites/37/2021/06/freshorange0-1.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:dbb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d7e2388a1674492150a562d765710b7b189fbe00fe39d47c487ed82758789d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 156040
x-supercache: 0
last-modified: Fri, 25 Jun 2021 22:55:20 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: "60d65ed8-26188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZubhuOjw8AFg%2Fqn0rWbiTYICD4AFt6fRB%2FMgPJwHR%2BBZ2Bx%2BJhwCTClMHBGgIbVjMtVO3VdPglIr4Y9EEwnyKrKY4FAzraW7tqVqPqvZ4aUUyC%2F3HlGfBpXifcdHwUKamghV8%2BtjyKfxq9CfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91495f269066-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4377703e902743e78ee306054e70cbdc.png
beatportmp3.com/wp-content/uploads/sites/31/2021/08/ 6 KB
7 KB 67ms
29ms Image
image/png 2606:4700:3037::ac43:ce2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beatportmp3.com/wp-content/uploads/sites/31/2021/08/4377703e902743e78ee306054e70cbdc.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ce2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8cc656a0db56dab25f34b2fb4ef4a06f1a86037843c84d868482c725fe08cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5255
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6425
x-supercache: 0
last-modified: Tue, 03 Aug 2021 21:15:20 GMT
server: cloudflare
etag: "6109b1e8-1919"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz1yi%2BvyhjdNS2yVgyRy755Oqaa0g7B9%2BgRfiV29BoeTKS4QSMV%2BtWEHZG7x4AAZI5puwR3pcB0tbrNoqW9gfdUQZGgBloCj%2BFnxENVAKg5JX9n%2FiaAPvvcGb2W95ael20%2BvoIPPcVQXZk69PB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d4a91485a6d9130-FRA

GET
H2 200 5df5845b90ed43419a2f9106e57f13b7.png
scenedl.org/wp-content/uploads/sites/30/2021/08/ 8 KB
9 KB 61ms
21ms Image
image/png 2606:4700:3035::6815:14df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scenedl.org/wp-content/uploads/sites/30/2021/08/5df5845b90ed43419a2f9106e57f13b7.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:14df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a2818bad367d74f0e4ae4450445816dcd212911c888331d75f9edc3f4ddc70

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8422
x-supercache: 0
last-modified: Tue, 03 Aug 2021 21:14:53 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: "6109b1cd-20e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vAstG4ulxv2XM8CVdRrXCnQAkGjpmP%2BAVlDKeP%2B%2FyAULVhn8cEQtY%2B%2FlWA%2FDQoFaZ32Eh5w0p3RlFI2Y%2FRkgDJnGd1lJIb3s0MLyD4fL7hC89RHhJgqksvfwxv7pB1a1ZmnCkmLbV5xEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91485a129112-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-traxsource-trans.png
traxsourcemp3.com/wp-content/uploads/sites/46/2021/08/ 11 KB
12 KB 65ms
27ms Image
image/png 2606:4700:3036::ac43:deda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://traxsourcemp3.com/wp-content/uploads/sites/46/2021/08/logo-traxsource-trans.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:deda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ceea477adb1f1ce1a719a8f281e65e5cdd7ac2f37f2709a880c47336681d063

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11762
x-supercache: 0
last-modified: Thu, 05 Aug 2021 11:13:59 GMT
server: cloudflare
etag: "610bc7f7-2df2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5Mrx9S7YXIWPQ8HZE0FkDEhFPeCAHoNiPsoO5bgEOLQ3YdcP0pjWEh2ebQQpycd%2F10ytF%2Fr%2Fy8cpk%2BOL%2BSfYfcVoMwqT66i3e3WfsHZvsSdL2Q77xLtTOgT3dLsdyR9TKZ3fBVPE4McZQ35uDEAgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d4a91485d635b3e-FRA

GET
H2 200 logo-edmfresh-transparent.png
edmfresh.com/wp-content/uploads/sites/33/2021/08/ 11 KB
11 KB 130ms
44ms Image
image/png 2606:4700:3036::6815:5ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edmfresh.com/wp-content/uploads/sites/33/2021/08/logo-edmfresh-transparent.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5ca8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a813da18118eee96970a992296ba4f3487c9e8b80b25d9812775dd5debf1b80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11231
x-supercache: 0
last-modified: Mon, 09 Aug 2021 11:21:20 GMT
server: cloudflare
etag: "61110fb0-2bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcITWWEzLKQzlxzwJ%2Bz7bIxU8s6Erv18F98sqNESp5%2FOCcHV7Dcy%2BERzgZYBnExEPxTKemZGmGzj9G9hH4Ni7xBKpTOG7i0X7sl9mmI86RGpGvyc0xWfXROuQ4C7Dg6Hy5zencDQkugaSNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d4a9148ae46909a-FRA

GET
H2 200 dr-logo-200.png
dirrty.remix.es/img/ 4 KB
4 KB 149ms
26ms Image
image/png 172.67.218.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dirrty.remix.es/img/dr-logo-200.png
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4169826fbd9498dd3ae10be5ecf126833055b3a2b4e224ae22a81139cc14bd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3980
last-modified: Fri, 04 Jun 2021 22:35:41 GMT
server: cloudflare
etag: "60baaabd-f8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeTOGJOqZj94cZ9kNsyHGsFv7pNpWaR3fOtG0a%2FUGLq7877zh0fl2pLrZv8ZpowJsRxo2S3T1hdazow6G81dY8bRVL6BI80eL6V4YFAcVJMu61q59CV%2B7YFQkn5wKD03taQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d4a91493f7f06a6-LHR
expires: Thu, 24 Feb 2022 14:11:41 GMT

GET
H2 200 logo-edmdl2.png
edmfresh.com/wp-content/uploads/sites/33/2021/08/ 7 KB
7 KB 49ms
24ms Image
image/png 2606:4700:3036::6815:5ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edmfresh.com/wp-content/uploads/sites/33/2021/08/logo-edmdl2.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5ca8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c7be8510a4e0bbac1434c68594640e78798244126a2e5e57ca1fe25c1ff7beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6775
x-supercache: 0
last-modified: Tue, 10 Aug 2021 12:21:41 GMT
server: cloudflare
etag: "61126f55-1a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMGFM498ESTsQ5%2F3HELHnAboPh29fKVIY0byHxBJWtANDqH7VqZ0a07Rv9sc50%2BwGNChOoMzzCEd85TE0OA9T5QD4bCsDheSRGKDAaFXfPx6O46wXf6rGv1ZnBcklK0v74GfdbdJ%2FOlxFsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d4a9148ae4b909a-FRA

GET
H2 200 logo-djpool-red.png
djpool.net/wp-content/uploads/sites/17/2021/09/ 11 KB
12 KB 112ms
51ms Image
image/png 2606:4700:3037::ac43:cf77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://djpool.net/wp-content/uploads/sites/17/2021/09/logo-djpool-red.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:cf77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdaa1fa87ad83129b5cf578e4fa086ecf9af58ab1fb61cef96c1d432db239a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98496
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11694
x-supercache: 0
last-modified: Thu, 02 Sep 2021 13:39:51 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: "6130d427-2dae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PibFp71gDKmFadhmX6NdPSb8s%2FdxNYlGOfAgb4lo87TvDZR%2BRdnwWa%2FlAa61Kn2CwTiSlcqdkm81ekrdg97AzlfxooPm5WXHN2Hcs2mdhBlUIw7zwmJw%2BuMHinASZXLZJJMDquCp2Omj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a9148f9d30c01-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-djremixesalbum.png
edmfresh.com/wp-content/uploads/sites/33/2021/08/ 8 KB
9 KB 40ms
21ms Image
image/png 2606:4700:3036::6815:5ca8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://edmfresh.com/wp-content/uploads/sites/33/2021/08/logo-djremixesalbum.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5ca8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338a6aa64adcedd95491fa3834f0c37e924cddaa65f42f6956a125a582b143e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8646
x-supercache: 0
last-modified: Tue, 10 Aug 2021 12:17:56 GMT
server: cloudflare
etag: "61126e74-21c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kfj%2BkjPZoSXIhFAC6o6n4EnWJCxJILTeQ6wPGz2ojZwLz1UugDHFYuNbcZEUwDTZ2Ndcrs2KsCVnYBXCVtjPsrvW8SgQ7QL9RstTF5noZ60ALS3NsEbivsRGkWbsXlt6GkEz%2B15JOTVcG28%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d4a9148ae4c909a-FRA

GET
H3 200 logo-search.png
scenedl.org/wp-content/uploads/sites/30/2021/09/ 5 KB
5 KB 36ms
21ms Image
image/png 2606:4700:3035::6815:14df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scenedl.org/wp-content/uploads/sites/30/2021/09/logo-search.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:14df , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57145af5e5b17fb3195d77a245a1b01c4dbdf1f7d9772967c5a6055a336dc82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4985
x-supercache: 0
last-modified: Thu, 02 Sep 2021 14:00:23 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: "6130d8f7-1379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq9tdsl7o158T%2ByCJrDLji3Xe%2BpkDsyXFuwSLkmrRzpOS0p06j2SCbL97bBA9eVukyGPkSu2pS4kTq4oARAa%2FD6x%2FlssOlrrgeq%2FcCVZ9BbV7c%2FvQH5qTUQ85eEFoaAJp06ZTGWSnUysyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91489f3b9199-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 us.png
www.sharing.wtf/themes/flow/images/flags/ 609 B
1 KB 44ms
41ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sharing.wtf/themes/flow/images/flags/us.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 609
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: "5deb2656-261"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Ba69lKlnzLfO%2BHbzi87ZvwjsqmPzLn86joL6fSu0EWd72F2Z1eoNCnMROlxvTKYl8iC%2BToVt20v4cFmBtj%2BqMmdfAqETfnrPitWR3f7vSbcZNIckYiTGTqnu%2FBeaI%2BtfgKz83IpnGPQ66BtxrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91481e9868ec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 es.png
www.sharing.wtf/themes/flow/images/flags/ 469 B
1 KB 44ms
41ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sharing.wtf/themes/flow/images/flags/es.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: "5deb2656-1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4k%2BGZk0X74ofvCRmIk5w5z%2B340Ow18ROX0lIPWxKZEW%2FGjRnm8IG776vX4Z%2Fr%2BjPyfC%2Bb9GKCA1tdb7F4HvScAvZwZbOmkecaU9ZvnX1V7d3Yy02l%2FQwuouYL5AAjJU3kdf1VIaHlJ4Ex3SKCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91481e9b68ec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 77ms
42ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368
last-modified: Mon, 03 May 2021 17:48:14 GMT
server: cloudflare
etag: W/"6090375e-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkoOwuoKaWCD3iw9gjoqt2%2BslxMl%2BL0V%2BRXZwcgm7MAtGMD8duyBhdF7RHmGpjWcsx6Kwk7qJ%2FZXZEdTzassMXwB%2FwcCsbwvacnIBuoql2X7SdjoP1BSPMZTYO6uZr%2F%2BmJ%2BTA%2BPS"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d4a9148cd5d90a2-FRA
expires: Sat, 29 Jan 2022 13:22:56 GMT

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
8 KB 59ms
46ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 279238
x-jsd-version: 1.16.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d4a91482be090d4-FRA

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
16 KB 45ms
21ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 718, 718
age: 271765
cdn-cachedat: 2021-06-08 14:41:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cf70411ac706ced2a83df80105a1a689
cf-ray: 6d4a91483932927a-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 jquery.appear.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/animation/ 1 KB
1 KB 30ms
25ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/animation/jquery.appear.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa77538239ff2758ff9fa8ef646cad3e9ca818dd13fbf15ff3ca8a8bee173c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-5c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWhp1OSmpW0a0Glb8OPExB%2FDOCM2UWPPrBafhRvKEOmPcscBHMjm0G3WXJI3m0GZ2Cfcx2J7Ep99hC8Rr3mLW6VZy4Rs8wHiH5gwlkIzWfZ5gKnTDg0hspGXRlPo5kD1lbqJcd5EWuEaNU7zkdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e7c68ec-FRA
expires: Tue, 08 Feb 2022 04:24:09 GMT

GET
H3 200 jquery.themepunch.plugins.min.js Show response
www.sharing.wtf/themes/flow/frontend_assets/rs-plugin/js/ 83 KB
30 KB 36ms
31ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf4e570b96d611fa540bb8745ba518a1005d50c4589a2c2cf3a60a97151a184

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-14cc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to6qZ24JlzJ0suu7O3ftw7dvPSALG54xDqTllSr67QInEEkgaHyDb8v4NJz%2FovrNRzk%2Fs149YEAKUCnhjVryblr%2BF1efKzbQLVMRH3geML%2F8q8rrEBYc6ikOH6ntq84%2Fawtc1cnd%2FgbhlgFGRB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e7e68ec-FRA
expires: Tue, 08 Feb 2022 04:24:09 GMT

GET
H3 200 jquery.themepunch.revolution.js Show response
www.sharing.wtf/themes/flow/frontend_assets/rs-plugin/js/ 193 KB
39 KB 34ms
29ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72616e59f2ba832c54a0e734cdf0a79cb8730f81a07b5de43864c15a240e221

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197144
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-303b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnNYYIjQISBmOHAvM4dOCnnV3p5ENfdI1dPvtRSIwL8ZcrEGornNm7zUNVgdfz4QMBRdGd0Pl9rR4Pat393hz0%2Fs6hxjbXW09OfbMimzX%2Bt00ATH87B57UEPHls908WSxYmeuBeAfn%2BQv6LsXX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e7f68ec-FRA
expires: Wed, 09 Feb 2022 05:08:14 GMT

GET
H3 200 jquery.scrollTo.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/nav/ 2 KB
2 KB 24ms
19ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afff7cdd8f6f0ca43b26573840f5ec5d3302dc1fc2b2209a1163e3978c9d012c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-981"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5HTOclOSDdE6Z93fsDtBfDvs9riZBOnTg%2Bsg0bKZsr2pYAUBuqyxBNyOsWy04a%2Bba2Ae1J2hegHrll8TDrKspTyq8RoJX%2BuxgrEZH678Obu0c0PhEWEBmbo3Ili6JDmUkBvH%2FTNLp72V6YJr4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8168ec-FRA
expires: Tue, 08 Feb 2022 04:24:09 GMT

GET
H3 200 jquery.nav.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/nav/ 5 KB
2 KB 29ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/nav/jquery.nav.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10815e9b5addf60315886f7216b0530fd58fa8580ca6a81687f14ffee517c619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197144
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1547"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M44a9hK%2BUF0DE%2BIVJrV%2Bal3kUby%2BotS3lbw94y%2BhBuh%2BCbQP9Q6qvodfaAlz30Q5o2CAvwkL8WHOuxupXxioYSAQt4uEO89vJ%2FUEfxdTaXS0xHiu%2F134Jj84UCfL73i%2FE93vjqHRGHJBkqBYKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8368ec-FRA
expires: Wed, 09 Feb 2022 06:39:12 GMT

GET
H3 200 jquery.sticky.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/sticky/ 4 KB
2 KB 45ms
40ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9f251d98edd1208a6c45aee90ff4011ed964e87e8bb622ae7a45249f1dae43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1099"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvyxCHTz5pqivjpwKxri70sfx2Rmf166ej%2Btp%2FTMS0zrlTIibRfXvM9tP9Ofb6CgTDgK46keVtFI8McDoA15sgARLD8fu6a7zQkZohgbBieHsA2GJNeFru2BbWoLUjxJ%2F1dRo5v9z8qJN5xMS6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8568ec-FRA
expires: Tue, 08 Feb 2022 06:10:28 GMT

GET
H3 200 jquery.isotope.min.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/isotope/ 16 KB
6 KB 32ms
28ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801045
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-3ead"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3y%2BV5UMr3eM42p3NyhiMA6iabBAD7WyG%2FcehQcB9NG0%2F13EOEgNSAMaBj0h%2Bdz05gHiWBqTtm%2BI%2F4Xhn7OGkPm4JDckgZI2scGJzxHpr6%2FhftSLQA6DOyw9kK8DnE246EV3sXszglcodBxEQfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8868ec-FRA
expires: Wed, 02 Feb 2022 04:57:48 GMT

GET
H3 200 custom-isotope.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/isotope/ 2 KB
1 KB 25ms
20ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/isotope/custom-isotope.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9930043ffb4753c135a12f6be97e24ef56fdfd5aaf1af6a204d99937a7ba8ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282242
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-71d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNmdfICDw4vD0ur1iAfPGRkQUbrlVIZ6RHxofaBdindFS3QK1nzLnRQyqEzKupCc%2BQlxb6pgMGBo%2Ba%2Bk9E6WU8ErKiuEaJ6ngxXTMBEwaecLPicVS5Pfp%2F%2Ff%2BdSSupi1zvTFjpoO7DXWGyLme6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8b68ec-FRA
expires: Tue, 08 Feb 2022 02:19:48 GMT

GET
H3 200 SmoothScroll.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/SmoothScroll/ 7 KB
3 KB 45ms
40ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa669071ed5fb03e9954ba360885e7ba95fb77ae5448dfc313c3c01202b46aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801045
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1cdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbvoqPtycWby5cBEd%2FCk%2BTZBaZPZoPDCWwUp1xZNBS3qLopuHuyOV0drA%2F%2BPCRBEKh0%2FSONMgjJtxW8DJnQlCb0ZJZo3MhN6xOHRI7dx7SusBuD6g0lCZtJwIAtwo2ehY4KFy%2F%2FVAnbfCXw8uR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8e68ec-FRA
expires: Tue, 01 Feb 2022 22:12:27 GMT

GET
H3 200 custom.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/custom/ 5 KB
2 KB 32ms
28ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/custom/custom.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a6e94bd20712d563b536fbbeed0ec51909ef97a6e79a690cf830fa3c6aad074

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282241
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-1374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMVuSYIVE987v5qi9pXCY9Mdxy%2ByL3Ko51lVdKDhtxOYthZma6OBbbIm%2F6gqIrEf5NUGEZP%2FxGS1l4umRRTU2NSvtXdKLGPi2uiSjnTKDypoWQwvlbzzp8ZSZzaRBy4ou%2BGpjcIIF5aHyzDJaLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e8f68ec-FRA
expires: Tue, 08 Feb 2022 04:24:09 GMT

GET
H3 200 gauge.min.js Show response
www.sharing.wtf/themes/flow/frontend_assets/js/ 17 KB
5 KB 45ms
40ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/js/gauge.min.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d9574ce1b6890bd6ccf1ef3d04fe1328f35c5bbced7b6b331459119ef4fe480

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638839
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-45b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Neb9UW25H3HA%2BHHC77EOg9DH1%2FdYelzQczLygkw4acJu9Pudwtb%2FbgeV6k8G35Dec5l7jYowMwRZ5PSwogCoEBMt81priu82zwuM2HZZBKBYJjISk3jkleiHe3PReADLjcplEx2eELtbmoogpME%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91481e9168ec-FRA
expires: Fri, 04 Feb 2022 02:23:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 142ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6843703-13

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/cdn-cgi/apps/head/6fpFc5rlrPMaf0p7BwX_h0pswB4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84da0acc29d0afd860c0cf50301a2b5e31ead305d5d57761729feeab036f1980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36065
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 hb_483572_13220.js Show response
player.adtcdn.com/prebidlink/456493/ 382 KB
112 KB 233ms
202ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894fd647f2a17bdf254524c692f3a1dd41a6bce24f4349a9b76e4ffa9f9115df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Jan 2022 16:22:45 GMT
server: cloudflare
etag: W/"61e051d5-5f760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8E91y%2Fjtc4vzrrpQrzHxaqr7gMC30xJBwtyZMlkNR2WZUUmRyZcF8LrgvHheJvBv6YnR8jy7ujhTmnpDlKtgtFEEI4YpjLYeqR0HMZUddzPgB4UiqUd%2BDcujTAh5%2FvLME4xH7ScO%2BFgNruvaLNlsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4a9148fe2f904c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Jan 2022 13:44:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 149ms
52ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

126f0de97cfcba019f4e8d55dba5189e721cdaf9b62fe23f25aa5494d3f7d19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27130
x-xss-protection: 0
server: sffe
etag: "1115 / 16 of 1000 / last-modified: 1643371765"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 wrapper_hb_483572_13220.js Show response
player.adtcdn.com/prebidlink/456493/ 1 KB
1 KB 105ms
104ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/456493/wrapper_hb_483572_13220.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf42d4b9292667bd95276b66405d68ba67d30c91946724f10525579548cacac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Jan 2022 12:15:58 GMT
server: cloudflare
etag: W/"61eaa3fe-41f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vmYiHAWusCrmAVo4i6eJQ0xruf7XQNVJ2gDb3As4mrxbEu12ftdbIKJWB%2Fln0JDYkpEDtba66GINm9t7yoIpoO6%2FPvYuU0E3nl%2F%2BxcpEpgVFNJ3rrrzFgBy9l19BSwd%2FB9RgxSZuWUiW0RVGVAKlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4a91490e4d904c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Jan 2022 13:44:04 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ 178 KB
55 KB 24ms
22ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7bd1334f301c24ce594782077437f378992fa2d2608275a1e9bcfdcc9c9aea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d4a914829499255-FRA
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 08:38:28 GMT
server: cloudflare
age: 7376
etag: W/"2c618-5d678203278bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sun, 27 Feb 2022 11:26:08 GMT

GET
H2 200 e5348885-f277-48dc-b249-4e674957fef5.js Show response
app.playstream.media/domain/floater/ 578 B
418 B 197ms
12ms Script
application/javascript 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/domain/floater/e5348885-f277-48dc-b249-4e674957fef5.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 96685c626a38c1f3d67f960ea5df55804239ffd14dd20e4f07e1e6b3616f234f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
last-modified: Wed, 29 Dec 2021 12:20:23 GMT
server: nginx/1.17.10
etag: W/"61cc5287-242"
content-type: application/javascript; charset=utf-8

GET
H3 200 fonts.css
www.sharing.wtf/themes/flow/frontend_assets/css/ 15 KB
1 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ae4a1f40523a959737a8f65dc36713ae7c7470c6273b2e357a182bed964449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282240
cf-polished: origSize=18485
x-cache: BYPASS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-4835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWoTt7W1vvb9yKotK%2BcUbXdG1IEo00zq7klwj4kQRFL%2BabjMOjkds%2BJzsqoFe2RpmxOiwXDkxRnU1%2FMGqvQsreRH11RANBeTvW3WqBQG4n8JFWR4kDe10OYiPwtim5RqhYineaNw1LOe3Qf5wsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91478cec68ec-FRA
expires: Tue, 08 Feb 2022 07:05:03 GMT

GET
H3 200 settings.css
www.sharing.wtf/themes/flow/frontend_assets/rs-plugin/css/ 37 KB
6 KB 26ms
25ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/rs-plugin/css/settings.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 192e4e1e6fdab2d62997b5dc6b6db5f625e8b869843f17714b2cd84344668f40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282240
cf-polished: origSize=52843
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-ce6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9FnBtfXZctJ9iNDr5J%2FlqKOfMZoBRYzYK12HLOCZDKzEjpwqPtZPMhSuv6hAtZJKpBLgZ2%2FkcG4sl%2Fu%2FuVL4GqeVVo9xMwtJXVRRZjfpXazfAYuuG5WPReH1uD%2FWuTHOAEpVCrd3D4%2BfQEYYBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91478cef68ec-FRA
expires: Tue, 08 Feb 2022 06:16:45 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 51ms
32ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 371605
x-jsd-version: 4.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d4a9147adb26928-FRA

GET
H3 200 stylesheet.css
www.sharing.wtf/themes/flow/frontend_assets/css/ 17 KB
4 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/stylesheet.css?r=1111
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b7b3386203ea7d49946c321ec9e297009d94ed1d49253cca2a0195cd1fca1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282240
cf-polished: origSize=26961
x-cache: BYPASS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-6951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNnEMSlXoliQVYQFEqOHxMWJ1avt%2FJiyjKnKXMWzZ%2FbZvYo5tfTG9iA%2ByRTiIYoZqebBi3cJ0McTVo6FdfKgkhDdn14LQuaCtQd%2Fvl9%2B2oP7aMCB2FUbN5x8fQj47YyNg4arGck5FieyH6tGY4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91478cf468ec-FRA
expires: Tue, 08 Feb 2022 07:05:03 GMT

GET
H3 200 animate.min.css
www.sharing.wtf/themes/flow/frontend_assets/css/animations/ 47 KB
5 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/animations/animate.min.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b36949876f75f2961b55a066b1f9695ec8c3772771d700e951736b1fba45cbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282240
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-bc86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usyb%2FlnmJaP2oujFjptbrpPRlPbJhj4FDI%2FuPoc%2FG1E5%2F4YafVBrA5vQPivjdn%2FT3zUrgO0yjq5ZeBs2RlPmeg9wSvs6gWPhPvBoOiveUfdHEndu0%2Fj3JQBNCbg9hzEI1enqAQZIMl2DiAU9iUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91478cfd68ec-FRA
expires: Tue, 08 Feb 2022 04:24:08 GMT

GET
H3 200 font-awesome.css
www.sharing.wtf/themes/flow/frontend_assets/fonts/font-awesome/css/ 17 KB
5 KB 31ms
31ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 282cad9f87f0679d70cb4a8e31d8b294d0caadfc7442717538572f5b1aa31cba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197154
cf-polished: origSize=22996
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-59d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiMLA0IYBKK440lCqt%2Bm1M9XQctyL1ptS4ZEL9KQbvt6WJVEDFTSWxt73ri12hfknCR%2F4kt%2ByfZN3IMP0FKMDGNwFZtOrAa2ac8prc5zBff9jAY3DYVbz9yFHugtXQC3GLtJVVsizGrOS7XMGWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91478d0268ec-FRA
expires: Wed, 09 Feb 2022 06:39:11 GMT

GET
H3 200 isotope-style.css
www.sharing.wtf/themes/flow/frontend_assets/css/isotope/ 2 KB
1 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/isotope/isotope-style.css
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61f114d3bcd037a92e53efc4229540bce30752ae1895b158fbf11ad8109a97d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/All-stylesheets.css?v=29a111a0511.112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373557
cf-polished: origSize=2803
x-cache: HIT
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: W/"5deb2656-af3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylzUzeJRyE631sw5m3k6ftVbcgPHVhTIfJ1fuCSfs5%2FwT%2FGqEcUkpUxF2PDAQ34KBKRpsag9IJYPw85D%2B3RWgDchBoCnUsAb8K06KuWKBQaMgGlkaj5ylRyFeF8H%2BuNfkDw3627g6kxF5z9RHd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1209600, must-revalidate, proxy-revalidate
cf-ray: 6d4a91478d0468ec-FRA
expires: Mon, 07 Feb 2022 05:16:22 GMT

GET
H3 200 to-top.png
www.sharing.wtf/themes/flow/frontend_assets/images/icons/to-top/ 1 KB
2 KB 62ms
60ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sharing.wtf/themes/flow/frontend_assets/images/icons/to-top/to-top.png

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/stylesheet.css?r=1111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37be654a36cfd07acf97729e3ab480317dc2644c152bfbebd36376ead8dbde47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/themes/flow/frontend_assets/css/stylesheet.css?r=1111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9882633
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1183
last-modified: Sat, 07 Dec 2019 04:11:02 GMT
server: cloudflare
etag: "5deb2656-49f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GucWleAgnL23rYRRs2Wyds25yZ207eV4P2I2jZXGwNySNNaXz%2BA%2BXipDnXlHseKOYiX8j2VQs3Z9fBCpRRALux2DjgnLq9dVM0p6MqXdApQl338UNJPz0aDV02Z9vY0WNd2kt4vnFleqVP5LXe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4a91484f0368ec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ProximaNovaSoft-regular.woff
app.dirrrtyremixes.com/fonts/ 30 KB
30 KB 59ms
26ms Font
application/font-woff 2606:4700:3033::ac43:959f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dirrrtyremixes.com/fonts/ProximaNovaSoft-regular.woff
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:959f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64604a28402fdf655fd995a7e9593171374f67e3f05ee2a92bc7d0c3909f69d9

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Mar 2015 23:18:52 GMT
server: cloudflare
etag: W/"5519d9dc-7720"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3E4wr6IjOMkjjeycB4n6Fyp5%2F2t3Tdbme5u96OIsAv7wDJSh53N%2BhukQkef%2Fq4qxfIMEy%2F%2F0feX4Hpz%2FMYDKasEhWdVxlrlEPVYHJttJ0GEL6PxP%2FrGGay38KSIUHYa1s6t8D2tAmfQZCLOw6FMA4vzXM5s"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d4a91488d509042-FRA

GET
H2 200 ProximaNovaSoft-semibold.woff
app.dirrrtyremixes.com/fonts/ 30 KB
31 KB 52ms
19ms Font
application/font-woff 2606:4700:3033::ac43:959f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dirrrtyremixes.com/fonts/ProximaNovaSoft-semibold.woff
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:959f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba99699e18309fa14c4963932307d90edcff6940afb5e99c9267f9c4856ec04

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Mar 2015 23:18:52 GMT
server: cloudflare
etag: W/"5519d9dc-79a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVr7gvL0JyxUNfDyQNSm%2B6FmAezyZI8SXAVBLZXF%2FOsoDxKir5adUnSliArpFRJwBuosBBtjIE0o3aOlpyAbsHnqHnvuKBPoDMuXKmiCBC%2BZ8AHnzvSl%2B9ljF%2BqDlBCx6I1e1nni49b2gn7TsTuAyvuCK4JX"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d4a91488d539042-FRA

GET
H3 200 fontawesome-webfont.woff
www.sharing.wtf/themes/flow/frontend_assets/fonts/font-awesome/fonts/ 43 KB
44 KB 25ms
24ms Font
application/font-woff 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sharing.wtf/themes/flow/frontend_assets/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://www.sharing.wtf/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281584
x-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 07 Dec 2019 04:11:03 GMT
server: cloudflare
etag: W/"5deb2657-ad90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BDCjPbLNSoct7QkAJRbZHXHQ%2BDBNLVl4rujXv9Pof6gagrunhkWaXLGqoZgBXTXIJ1oittODw42UbdKBw67WS%2BFNprvBWHBUnhuR9T0t3SwoA%2F%2FcS1%2B2TbQHtPkBv0Fob26Xl%2F7Hg58TKpx28g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 6d4a91484f0768ec-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Gotham-Bold.woff
app.dirrtyremixes.com/fonts/ 71 KB
50 KB 56ms
21ms Font
application/font-woff 172.67.166.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dirrtyremixes.com/fonts/Gotham-Bold.woff
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.166.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e888c04b8bc98d0fb7eb7861f42ca72db696d137f05f05c5ae454d1bdf3c3b

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Oct 2014 06:40:43 GMT
server: cloudflare
etag: W/"543b73eb-11c14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm5UvtcpG47Rh%2Fx40Gsyew2zG0Qi9jAvHXP%2FVQW4DD9ig8QOscSPUOtjmiaqWXQjZ7u%2FsjVEg0cQywsWyEpW%2FvjUONpbZew3iA2Awh%2BqrhlXGYVUv0J3UgJZS4esgn%2FS0oFWUYxU%2B%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6d4a914888f49055-FRA

GET
H2 200 ProximaNovaSoft-bold.woff
app.dirrrtyremixes.com/fonts/ 30 KB
30 KB 59ms
26ms Font
application/font-woff 2606:4700:3033::ac43:959f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dirrrtyremixes.com/fonts/ProximaNovaSoft-bold.woff
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:959f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae167e7a780a2e610ee670604e522a8b11a40139c56a491e6eacbae1a4e25bec

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4676
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Mar 2015 23:18:51 GMT
server: cloudflare
etag: W/"5519d9db-77c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ataG2uxVc482AG3YpqcSc8ia6NzxvzRspIW0v9N0NRs0DS3At6HwPFUCEN71o1NyRGGCKanrgHOP3HHFtoUhnV9LEdZiNq5PeafjuATSqu%2FjTUn3e4KZRRtRp6JMZSIktVSx48c1I9pYo7eot%2FTtU%2FJSa0bo"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d4a91488d549042-FRA

GET
H2 200 ProximaNovaSoft-medium.woff
app.dirrrtyremixes.com/fonts/ 30 KB
31 KB 51ms
18ms Font
application/font-woff 2606:4700:3033::ac43:959f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dirrrtyremixes.com/fonts/ProximaNovaSoft-medium.woff
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:959f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165edab02224e989f70df304bec51017f29c55aa9309fb2d136fcdd3a1fb7c7a

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 30 Mar 2015 23:18:51 GMT
server: cloudflare
etag: W/"5519d9db-797c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dektKmA2alt2OTpM%2BpRPZ4X4nUJIvCOvF6bP59eZe1tXWySJLNgxQD4COWR3dXnYk8snmZpQ%2B42RTzTFrvKRM8Em%2FZiWDO7ybhWC7I4OM6UvILd4yrR8pPtXTQcBUX%2FLRkwjC802Z2vsaggjyfhNBYpkIR3N"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d4a91488d559042-FRA

GET
H2 200 GothamRnd-Medium.woff
app.dirrtyremixes.com/fonts/ 61 KB
44 KB 63ms
28ms Font
application/font-woff 172.67.166.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dirrtyremixes.com/fonts/GothamRnd-Medium.woff
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/themes/flow/frontend_assets/css/fonts.css?new=1222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.166.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db17b8f931ce15c9ac70dae0f4ca9729e46c316bac58f96786b3edc73774fbac

Request headers

Referer: https://www.sharing.wtf/
Origin: https://www.sharing.wtf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Oct 2014 06:40:43 GMT
server: cloudflare
etag: W/"543b73eb-f3e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohaNX%2BYQR%2BGbEK7QNsBG3kRjzfZydJhZsgdr4t85wt4%2BFccmvf3InaxG1JIBe0jWcM82%2FQ8%2FzPHnvRpLhcp2DL5TSKYAiaeb9fvEQ2sP4UQuKKh9tEdHZj%2BTiyw%2Fs9MYM67kY%2BLnyD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6d4a914888fb9055-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
36ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6850
date: Fri, 28 Jan 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 13:34:54 GMT

GET
H/1.1 200
OK track.js Show response
track.gaug.es/ 4 KB
4 KB 409ms
99ms Script
application/javascript 54.196.80.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaug.es/track.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.196.80.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-80-103.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 13:29:04 GMT
Last-Modified: Wed, 15 Dec 2021 05:45:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61b9810d-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 34ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 04 Feb 2022 13:29:04 GMT

GET measure.min.js
asset.pagefair.com/ 0
0

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 4BB3 9 KB
2 KB 210ms
202ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0a9d7833775e69429b74f5998f2bc54b0d366217d9b65c609b20eb0e6137fed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d4a91496c4c9255-FRA
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
37 B 282ms
281ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6d4a91498c879255-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 331 B
495 B 252ms
252ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&jsv=1779.004-3.025.ab.1786.003-3.025&_cb=16433765442190
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b07df7275d5ca2bf972ecd5f217a7caf1e55f93ac32d26454a6a11a9078be71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 6d4a91498c8a9255-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 25ms
10ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=14366
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 26ms
8ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 13:29:04 GMT
X-T: 0.551
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Fri, 28 Jan 2022 13:29:03 GMT

GET
H3 200 analytics Show response
platform.foremedia.net/getcode/8619/ 7 KB
2 KB 245ms
226ms Script
application/javascript 2606:4700:3030::ac43:d9ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8619/analytics
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8619/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d9ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e04b7ddd992665c7257119c8cba87e383065d43e0072a777f46c405e7caf1b6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwZArJ3XQjX89vUt3hDth9rUPoSiCVuFMbs3JsGAIZo4dg7LoiM2VYf0e3Pv%2FUqgY6%2Buax6H2Cq%2FNi1RruzmrOeujn%2BbBNAA4HI583HlqFvJLqYeYoNrypKXgZ0mUwV2C7GKSDTvfmiIG5pALY0fQdLe%2B48I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 6d4a9149cd5292a1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 283 KB
102 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5945208862215231&plah=www.sharing.wtf

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5945208862215231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 107536255599717519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 005B 10 KB
5 KB 123ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5945208862215231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 27 Jan 2022 15:52:32 GMT
expires: Thu, 10 Feb 2022 15:52:32 GMT
cache-control: public, max-age=1209600
age: 77792
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
145 B 318ms
106ms Script
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=0akrqdovxs&t=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp&c=d&x=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&y=&a=0&v=27&r=6945
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.214 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: a66e1f116f7a1960caa2ca0e0fe9a1c83541cda6b61bcc44fc7d2fed8841907c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 rules-p-aRcPwKQFvbG4U.js Show response
rules.quantcount.com/ 3 B
437 B 38ms
8ms Script
application/javascript 2600:9000:2156:2e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-aRcPwKQFvbG4U.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:27:37 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
age: 32488
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:46:37 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: JziiXjtdCQaon5N2qwb-WzSUe6a4J_oWVgACBmhpbhuA6H9e-AUtxw==

GET
H2 200 hbw_master_483572_13220.js Show response
player.adtelligent.com/prebidlink/456493/ 109 KB
27 KB 50ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/456493/hbw_master_483572_13220.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/wrapper_hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7f87ee70e373d8752ac6ccdeded28ef1f9a3c9eda90ed5c480fb2e3034b47255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
last-modified: Fri, 21 Jan 2022 12:15:58 GMT
server: nginx
etag: W/"61eaa3fe-1b4a1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 28 Jan 2022 14:29:04 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 60ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-55211914-1&cid=85046236.1643376544&jid=1834091503&gjid=1061102814&_gid=649586026.1643376544&_u=YGBAiEABBAAAAE~&z=723089907

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 Jan 2022 13:29:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
39ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1026272061&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&ul=en-us&de=UTF-8&dt=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1834091503&gjid=1061102814&cid=85046236.1643376544&uid=&tid=UA-55211914-1&_gid=649586026.1643376544&cd2=0&z=731214958

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 09:04:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15868
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 88ms
41ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Jan 2023 10:36:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 135 B
127 B 95ms
47ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sharing.wtf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

13e568e8d8a410012d90bc0eb9a6807cdefd7978cdf06c72cb0929236c79abad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
317 B 24ms
10ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=sharing.wtf&_ss=1rpl4oj5zw&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=1i9v&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b53910d40ba2801ce5faee60b42204543b8c12dd569079aacfd6cd7c375d3a81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 13:29:04 GMT
X-T: 0.13
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Fri, 28 Jan 2022 13:29:03 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 71ms
47ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1026272061&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&ul=en-us&de=UTF-8&dt=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAG~&jid=472486199&gjid=479385651&cid=85046236.1643376544&tid=UA-6843703-13&_gid=649586026.1643376544&_r=1&gtm=2ou1q0&z=190795366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1168066147;rf=0;a=p-aRcPwKQFvbG4U;url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17;uht=2;fpan=1;fpa=P0-201589705-1643376544350;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0...
pixel.quantserve.com/ 35 B
371 B 47ms
13ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1168066147;rf=0;a=p-aRcPwKQFvbG4U;url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17;uht=2;fpan=1;fpa=P0-201589705-1643376544350;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=sharing.wtf;je=0;sr=1600x1200x24;dst=0;et=1643376544350;tzo=0;ogl=image.https%3A%2F%2Fwww%252Esharing%252Ewtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3%252Epng%2Cimage.https%3A%2F%2Fwww%252Esharing%252Ewtf%2Fthemes%2Fflow%2Ffrontend_assets%2Fimages%2Ficons%2Ffavicon%2Fapple-t

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 floater.js Show response
app.playstream.media/js/floater/ 260 KB
73 KB 38ms
38ms Script
application/javascript 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/js/floater/floater.js
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/domain/floater/e5348885-f277-48dc-b249-4e674957fef5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 6b80cc6bd4159ee9d40e84386c005b9042cb60f6c4dda34ed7d9df99d8a93013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
last-modified: Sat, 06 Mar 2021 07:09:26 GMT
server: nginx/1.17.10
etag: W/"60432aa6-41129"
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 140 B
391 B 86ms
15ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456493/hbw_master_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 86d0ae5ece3f8698ae121611ce572c19516a37840350f93a8862a2381300e607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.sharing.wtf
Date: Fri, 28 Jan 2022 13:29:03 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 140
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
417 B 86ms
15ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=483572&site_id=13220&full_page_url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&adid=yfyp2r.u5&features=32&vpbv=N046&lifecycle_tte=940
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456493/hbw_master_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.sharing.wtf
Date: Fri, 28 Jan 2022 13:29:03 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 152ms
64ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55211914-1&cid=85046236.1643376544&jid=1834091503&_u=YGBAiEABBAAAAE~&z=1213662904

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 153ms
64ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55211914-1&cid=85046236.1643376544&jid=1834091503&_u=YGBAiEABBAAAAE~&z=1213662904

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
de.tynt.com/deb/ Frame 7A0D 75 B
289 B 314ms
104ms Document
text/html 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Sat, 29 Jan 2022 13:29:04 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 28 Jan 2022 13:29:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame BF53
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

1 KB
3 KB

22ms
22ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 00cc4b8ae6453104d22d9565039968cc2783db8fab51849c34897c21462dd8e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|188|26|176|4
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Fri, 28 Jan 2022 13:29:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Content-Length: 1532
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 28 Jan 2022 13:29:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1EF9 2 KB
814 B 33ms
7ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE1NTdBQ0ItNjRENS00NUU1LTkwQ0UtMTgzRTE1RDFEM0Qy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE1NTdBQ0ItNjRENS00NUU1LTkwQ0UtMTgzRTE1RDFEM0Qy&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DC1557ACB-64D5-45E5-90CE-183E15D1D3D2
https://router.infolinks.com/dyn/pbm-usync?uid=C1557ACB-64D5-45E5-90CE-183E15D1D3D2

0
188 B

123ms
123ms

Image
text/html

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=C1557ACB-64D5-45E5-90CE-183E15D1D3D2
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 6d4a9151d9609255-FRA
content-length: 0
expires: Thu, 28 Jan 2021 13:29:05 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=C1557ACB-64D5-45E5-90CE-183E15D1D3D2
date: Fri, 28 Jan 2022 13:29:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=7422828097157295699

35 B
242 B

119ms
119ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=7422828097157295699
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914b99929255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9d80a56f-26ee-4a12-86d2-9ee37222171e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=7422828097157295699
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 4BB3 43 B
305 B 89ms
21ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-5dG0rxhE2uEaHuUQe0RHbA7Ek4_z0tgICZFqR5U-~A

35 B
209 B

249ms
249ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-5dG0rxhE2uEaHuUQe0RHbA7Ek4_z0tgICZFqR5U-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914b89689255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-5dG0rxhE2uEaHuUQe0RHbA7Ek4_z0tgICZFqR5U-~A
date: Fri, 28 Jan 2022 13:29:04 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1643376544510
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7956066447
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7956066447
https://sync.1rx.io/usersync/tradedesk/5ea1bb03-98b3-4cdb-afcc-0b5b1da817e5
https://sync.targeting.unrulymedia.com/csync/RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-ffe35f99-d972-4e4b-98b5-a63be27db230-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003

35 B
213 B

139ms
139ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914d1d4c9255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003
date: Fri, 28 Jan 2022 13:29:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXffe35f99d9724e4b98b5a63be27db230003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
113 B

164ms
164ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store
cf-ray: 6d4a914e0f5c9255-FRA
content-length: 35

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 4BB3 0
496 B 407ms
94ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 4BB3
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.sharing.wtf%252Fadd59dc0f1bb3f17&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.sharing.wtf%25252Fadd59dc0f1bb3f17%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&pid=12306&adnxs_uid=7422828097157295699

95 B
944 B

127ms
29ms

Image
image/png

54.228.102.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&pid=12306&adnxs_uid=7422828097157295699

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17

Protocol

HTTP/1.1

Server

54.228.102.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-102-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Fri, 28 Jan 2022 13:29:04 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Fri, 28 Jan 2022 13:29:04 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cc389b92-dfac-495c-a4a2-6dcc63b96802
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&pid=12306&adnxs_uid=7422828097157295699
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 4BB3 42 B
233 B 267ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

imd-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
https://router.infolinks.com/dyn/imd-usync?user_id=4a1e42c2-362a-4dab-90ad-9fbb714158c7&partner_id=1531

35 B
200 B

118ms
118ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/imd-usync?user_id=4a1e42c2-362a-4dab-90ad-9fbb714158c7&partner_id=1531
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914c1aba9255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/imd-usync?user_id=4a1e42c2-362a-4dab-90ad-9fbb714158c7&partner_id=1531
date: Fri, 28 Jan 2022 13:29:04 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP433929bf-803e-11ec-93aa-064c62b4fd54
https://router.infolinks.com/dyn/outh-usync?uid=y-g9rraANE2uGLyvB5BPknAO8BJtXiOKfS~A~UP433929bf-803e-11ec-93aa-064c62b4fd54

35 B
235 B

197ms
197ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-g9rraANE2uGLyvB5BPknAO8BJtXiOKfS~A~UP433929bf-803e-11ec-93aa-064c62b4fd54
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914c3aff9255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-g9rraANE2uGLyvB5BPknAO8BJtXiOKfS~A~UP433929bf-803e-11ec-93aa-064c62b4fd54
date: Fri, 28 Jan 2022 13:29:04 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 4BB3 0
114 B 299ms
92ms Image
text/plain 38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=53b284b48c0a37e4d1f462d2

35 B
273 B

155ms
154ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=53b284b48c0a37e4d1f462d2
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914d4da99255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

Redirect headers

Date: Fri, 28 Jan 2022 13:29:04 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=53b284b48c0a37e4d1f462d2
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC1557ACB-64D5-45E5-90CE-183E15D1D3D2
https://router.infolinks.com/dyn/usersync?pmuservalue=C1557ACB-64D5-45E5-90CE-183E15D1D3D2

0
164 B

182ms
182ms

Image
text/plain

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=C1557ACB-64D5-45E5-90CE-183E15D1D3D2
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 6d4a914fcc659255-FRA
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=C1557ACB-64D5-45E5-90CE-183E15D1D3D2
date: Fri, 28 Jan 2022 13:29:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 4BB3
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=5107433822481541973

35 B
237 B

184ms
184ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=5107433822481541973
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914e2fca9255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:05 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=5107433822481541973
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4BB3 0
72 B 376ms
118ms Image
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-33x-status: 2000208
date: Fri, 28 Jan 2022 13:29:04 GMT
server: 33XP005

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 4BB3 0
35 B 142ms
141ms Image
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/usync/manage?pid=3237252&wsid=3&pdom=www.sharing.wtf&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6d4a914d1d479255-FRA
content-length: 0

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 441 B
573 B 15ms
15ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=695562&aid2=695563&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456493/hbw_master_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 46b2acd28a4bf0aedf47d73bbc69804d3ffe45c504eff20a5c11c4a26582e4a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 13:29:03 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.sharing.wtf
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 283

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
416 B 50ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sharing.wtf&callback=_gfp_s_&client=ca-pub-5945208862215231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5945208862215231&plah=www.sharing.wtf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e0fe5c88f296a605e17568d042762fbe8917d47cbff944f6e0b7beb12fa6dabe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
46ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sharing.wtf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 135ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sharing.wtf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tn=A&cls=scrollup&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C40 603 B
67 B 108ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&adk=1812271804&adf=3025194257&lmt=1643376544&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544271&bpp=3&bdt=438&idt=203&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2661221419720&frm=20&pv=2&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:04 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET csync
sync.adtelligent.com/ 0
0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 164ms
55ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 121
x-xss-protection: 1; mode=block
expires: -1

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61CA 603 B
67 B 135ms
98ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=9968197390&adk=3830745838&adf=4191892778&pi=t.ma~as.9968197390&w=728&lmt=1643376544&psa=0&format=728x90&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544274&bpp=1&bdt=441&idt=221&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lqcC0M5GD3&p=https%3A//www.sharing.wtf&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:04 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96A0 603 B
67 B 114ms
90ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=250&slotname=4212251255&adk=1915298160&adf=180725892&pi=t.ma~as.4212251255&w=300&lmt=1643376544&psa=0&format=300x250&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544275&bpp=1&bdt=442&idt=236&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1057&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UfSG1qzyst&p=https%3A//www.sharing.wtf&dtd=239

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:04 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA6E 603 B
67 B 106ms
90ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=8551670060&adk=2848899565&adf=2390466099&pi=t.ma~as.8551670060&w=970&lmt=1643376544&psa=0&format=970x90&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544275&bpp=1&bdt=443&idt=243&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ffisqc19Q0&p=https%3A//www.sharing.wtf&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:04 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 doq.htm Show response
rt3016.infolinks.com/action/ 2 KB
2 KB 279ms
235ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3016.infolinks.com/action/doq.htm?pcode=utf-8&r=16433765445411
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14fbd94cbc204ce4a730c765b0aa050d038555551e7c98bf4efb28db087d4529

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: de-DE
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 6d4a914bab3291f5-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/481464/ 4 KB
2 KB 20ms
6ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/481464/config.json?cb=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: fb4a353f40732e4dd64d44525c2a22393cba70808417ce8e547f321544526f10

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 12:01:10 GMT
server: nginx
etag: W/"61f3db06-10c6"
content-type: application/json
access-control-allow-origin: https://www.sharing.wtf
expires: Fri, 28 Jan 2022 14:29:04 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H/1.1 200
OK /
check.fraudscore.ai/ 43 B
207 B 145ms
8ms Ping
text/plain 75.2.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.fraudscore.ai/?key=c812ee97d5a1de1821e9324476591e50&source=www.sharing.wtf&affiliate_name=www.sharing.wtf&aff_sub1=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a210f278069827510.awsglobalaccelerator.com
Software: openresty /
Resource Hash: d962d20dea200a9de2ff7539c2bb262c474a734888ddb19bb607e1c0dff9a20c

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 94ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8619/analytics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd60311b7f862c00d9e8355287503804d66b0143f1245cfb51785f6839e6480b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36113
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 97ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6843703-13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a79813d0ddba46deaac5a38d7a50f838d4999422e5d60fec3a5888c9394c9be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36149
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 native.js Show response
foremedianative.com/js/native/ 48 KB
17 KB 76ms
21ms Script
application/javascript 2606:4700:3036::6815:5164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foremedianative.com/js/native/native.js
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8619/analytics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba03cc685ee113c6a8bde68f5e37f74e8285d0da7bf3d50f916acec186e93edb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 Jan 2022 11:53:02 GMT
server: cloudflare
age: 3159
etag: W/"c0a4-5d62a60b2f31f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3K4U7CbF62F%2Fl0bUaKVGz%2F3eBH3KHAghiBk5x6LHJeHa7GLdXfwSANQkfHoBV%2BB69JvWbVsbWiqva9TqOTkpcJsc%2F4bAjeMHAInJGSLf8wLOlsjJR%2BtrKFcC86ESyILIJcdQv9Ajpn0EeTatcmedUtyj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4a914beb7f876a-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 127ms
62ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-10e38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69176
expires: Fri, 28 Jan 2022 14:29:04 GMT

GET
H2

200

1
mc.yandex.ru/watch/87053707/
Redirect Chain

https://mc.yandex.ru/watch/87053707
https://mc.yandex.ru/watch/87053707/1

43 B
83 B

31ms
31ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/87053707/1

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
last-modified: Fri, 28-Jan-2022 13:29:04 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 13:29:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
last-modified: Fri, 28-Jan-2022 13:29:04 GMT
strict-transport-security: max-age=31536000
location: /watch/87053707/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 13:29:04 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BF53
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WY7YDCANJ90BKH2ATEJJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 53MJQKPABXF3RYC9FJYH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BF53 170 B
502 B 168ms
49ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfPvoJsZWiVRQjrxszxMMQAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BF53 70 B
265 B 104ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BF53
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfPvoJsZWiVRQjrxszxMMQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJT4eydYXM7Bgx85hxSI35I&google_cver=1&gdpr=1

43 B
1020 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJT4eydYXM7Bgx85hxSI35I&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 Jan 2022 13:29:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJT4eydYXM7Bgx85hxSI35I&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame BF53 0
88 B 400ms
95ms Image
text/plain 54.84.55.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.55.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-55-94.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame BF53 0
99 B 75ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YfPvoJsZWiVRQjrxszxMMQAA%261116
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13766

GET
H2 200 113
match.deepintent.com/usersync/ Frame BF53 0
44 B 326ms
97ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-length: 0
server: b

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF53
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2955104588892394069

43 B
993 B

28ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2955104588892394069
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 Jan 2022 13:29:04 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2955104588892394069
pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame BF53 35 B
197 B 126ms
125ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YfPvoJsZWiVRQjrxszxMMQAA%261116
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6d4a914ba9bb9255-FRA
content-length: 35
expires: Thu, 28 Jan 2021 13:29:04 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 77ms
25ms Preflight 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sharing.wtf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 28 Jan 2022 13:29:04 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.sharing.wtf
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 55ms
18ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167857
x-amz-request-id: txfd1c77a515734f94831ab-0061f15fee
x-amz-id-2: txfd1c77a515734f94831ab-0061f15fee
last-modified: Wed, 26 Jan 2022 14:43:29 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEAupavdEBo5Fdlov1nnhBVXnuE81qj%2FmNdAced0w3m6ObL3ADXSXHme0h1%2B8FefUtjBJ5wQVnW1RkXYD%2BqXWY6Y9OYjuLwhbP5KFNZA%2BqoIFBNHEJ0Dx0uRmpafuF9o6fVrmTmMwKT27fBU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1643208209303360
cf-ray: 6d4a914bfc65693f-FRA

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
409 B 117ms
78ms XHR
text/plain 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 204
No Content hb Show response
cpm.adsolut.in/ 0
262 B 79ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.adsolut.in/hb?zone=121459&v=1.6
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 204
No Content hb Show response
cpm.adsolut.in/ 0
262 B 79ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.adsolut.in/hb?zone=121460&v=1.6
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
647 B 18ms
16ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 070d79e27bc70b05b1059445da1d1cd16d2b14c21676312c31604404a847b112

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 28 Jan 2022 13:29:03 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.sharing.wtf
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 357

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
1 KB 719ms
207ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&alt_size_ids=221&eid_pubcid.org=d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%5E1&rf=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=c4b7f6fb-d52d-4f5e-ad73-cb00aa10d561&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6216927970953181
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 476a15ddf507973fa5f641d6fb1b9b37b9c630a502fc43e74544cff4f7c72135

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
1 KB 733ms
220ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&alt_size_ids=221&eid_pubcid.org=d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%5E1&rf=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=a82f0eb8-4bcb-44ac-ac22-2d906b163a78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1875084797242521
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c3e51a32765a46a8bad6e474e93598a9673c13666080775d75444fc8f8c3da8d

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
1 KB 719ms
205ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=55&alt_size_ids=221&eid_pubcid.org=d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%5E1&rf=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=9e28d79a-3383-4d93-b816-4f271604bc52&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.30751691834113815
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3dea43c9b2452e3fedc3cf41878835f46ab48e52e9038d2bceb2443c5dc7b98e

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 719ms
203ms XHR
application/json 2602:803:c001::200:194
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=221&eid_pubcid.org=d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%5E1&rf=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=61889c8a-cedf-4bf7-9285-dd7f4fb4d243&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4378128120103839
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c001::200:194 San Jose, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: cd018678d18af536476cf3ad07220604bb7d9ad7cc6d8ba7fbd743591802bf9b

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 472 B
1 KB 15ms
15ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

288eecb154bbc708dbeabb9ae90e2d04c420f5b0b7c2f7baa52564650829df34

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a2d0ae53-6ae4-4a92-8b27-cddaa33f9422
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 472
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ 1 KB
767 B 124ms
114ms XHR
application/json 3.251.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2274ab6eed2b863f7%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17%22%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225d018cc190107d%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22591953%2C%22tid%22%3A%22c4b7f6fb-d52d-4f5e-ad73-cb00aa10d561%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.21.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d3ffd57030c01c60c74807bc7891a20b752e1811d0a600a2045458a20c919558

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 534
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 1 KB
767 B 101ms
92ms XHR
application/json 3.251.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275cca0f62fb5ed1%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17%22%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226b583193076e6%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22591955%2C%22tid%22%3A%22a82f0eb8-4bcb-44ac-ac22-2d906b163a78%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.21.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e519487292cc8f7d22fc2ab346cabc47f3fe32f4cf73f3b2ac8933d246d98d7c

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 534
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 1 KB
768 B 101ms
92ms XHR
application/json 3.251.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2276f415ab27b707e%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17%22%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22275937067959c36%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22591955%2C%22tid%22%3A%229e28d79a-3383-4d93-b816-4f271604bc52%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.21.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6509182c223425566a7f4f3af7309442c2f8608e16046f6c53dd1f25a23daa08

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 535
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 95 B
310 B 38ms
29ms XHR
application/json 3.251.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2277757e5a9b9637e%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17%22%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228fb651a2fa2e65%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22591954%2C%22tid%22%3A%2261889c8a-cedf-4bf7-9285-dd7f4fb4d243%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.21.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-21-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f527d2ab3efc153a4408204447a221c269511593d05595f3ef28678663bdbffb

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
date: Fri, 28 Jan 2022 13:29:04 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 95
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET img.fetch
udmserve.net/udm/ 0
0

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 325 B
624 B 859ms
175ms XHR
application/json 135.125.163.79
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190286.ip-135-125-163.eu
Software: /
Resource Hash: 64f908e2ffe891cb7649bf3036f8987d0a297352da146961f58212830887c456

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 325
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
284 B 79ms
45ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.sharing.wtf
access-control-allow-credentials: true
cf-ray: 6d4a914c2f1f904f-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
911 B 212ms
114ms XHR
application/json 188.42.29.166
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 472 B
1 KB 36ms
36ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2f040bf83eb349e3cdccb65c43000e2ecd4928348e3c82cfb5c9f4e9b94babac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9b913673-62a6-4667-b27d-28cf8097fe94
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sharing.wtf
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 472
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
646 B 68ms
43ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cfdf6a69d74950eb08e57c2fefa04a709935443156455cf4d96c640974d38f6

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6d4a914c2c2391f5-FRA
pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Validating the Prebid Request adunit sizes. 1 unsupported banner sizes for adUnit: dirtyremixes_dirtyremixes_970x250_1, Validating the Prebid Request adunit sizes. 1 unsupported banner sizes for adUnit: dirtyremixes_dirtyremixes_728x90_1, Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/2e43c/1/www.sharing.wtf/ 2 B
158 B 59ms
15ms XHR
text/plain 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.sharing.wtf/ROS?rnd=0.01774434833666838&e=970x250_0%3A970x250%2C1x1%2B970x90_0%3A970x90%2C1x1%2B970x90_1%3A970x90%2C1x1%2B728x90_0%3A728x90%2C1x1&ur=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&e_pubcid=d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
date: Fri, 28 Jan 2022 13:29:04 GMT
access-control-allow-credentials: true
server: openresty
content-type: text/plain
content-length: 2
x-sid: AMS-607

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
177 B 65ms
22ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sharing.wtf
date: Fri, 28 Jan 2022 13:29:04 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 c Show response
prebid.a-mo.net/a/ 10 KB
7 KB 526ms
316ms XHR
application/json 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f06c0fff066adf545fea59e2370d816365dc0fcd293988611a43ae4d74bc3b47

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sharing.wtf
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 213
content-length: 6395

GET
H/1.1 200
OK track.gif
track.gaug.es/ 35 B
389 B 104ms
103ms Image
image/gif 54.196.80.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.gaug.es/track.gif?h[site_id]=565de7e75dd05322f90087e8&h[resource]=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&h[referrer]=&h[title]=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1643376544672

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.196.80.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-80-103.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Jan 2022 13:29:04 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 53ms
28ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 13607
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6d4a914c6a329237-FRA
expires: Mon, 31 Jan 2022 13:29:04 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 54ms
34ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167276
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx3a81bb531b374b83b0c71-0061f1617a
x-amz-id-2: tx3a81bb531b374b83b0c71-0061f1617a
last-modified: Wed, 26 Jan 2022 14:43:28 GMT
server: cloudflare
etag: W/"88567a823cfd2840dd0a3198b929d466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfgqRn1HFxkFio66netEDD4cPE3TVG0SCUGzqyWErVB8Spf43wLrz8zZCxAJJuEyyU6SDvBPeXwzg7ds2nHm%2BNZKGqVAeANpTF6y3AGjHhTm8yNQ042XCJgkwtSudCYIzUhxfDO%2BaK9Jtuj3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1643208208262354
cf-ray: 6d4a914c6aad917a-FRA
access-control-allow-headers: Authorization

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 48ms
48ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1026272061&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&ul=en-us&de=UTF-8&dt=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAG~&jid=1073184024&gjid=739419048&cid=85046236.1643376544&tid=UA-182103897-1&_gid=649586026.1643376544&_r=1&gtm=2ou1q0&z=200875134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6850
date: Fri, 28 Jan 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 13:34:54 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 314ms
103ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0&img=https%3A%2F%2Fwww.sharing.wtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3.png&t=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&cu=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9532.KiEqVtEF7XCjcMSGDwG7ZO4obGhmoEXmo3lUnDYB2OUOMFnRTne2xeB4Scre1pvF.fRlEzI4wiUTopLMIrx1cAcj670Q%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9532.D_5HSdnFJ1kbUS5w8CswtUQ9uyVtAACvRHVbxNwYDk53lp3KJmcv8cp-hS-5p8DEvi9K_RIim8lvlOvve2ZDziIY_PJJ_bxeukbtwNObv1o%2C.9CcynhSH3u82G6BCHc-wToqjGM4%2C

43 B
333 B

32ms
31ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9532.D_5HSdnFJ1kbUS5w8CswtUQ9uyVtAACvRHVbxNwYDk53lp3KJmcv8cp-hS-5p8DEvi9K_RIim8lvlOvve2ZDziIY_PJJ_bxeukbtwNObv1o%2C.9CcynhSH3u82G6BCHc-wToqjGM4%2C

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9532.D_5HSdnFJ1kbUS5w8CswtUQ9uyVtAACvRHVbxNwYDk53lp3KJmcv8cp-hS-5p8DEvi9K_RIim8lvlOvve2ZDziIY_PJJ_bxeukbtwNObv1o%2C.9CcynhSH3u82G6BCHc-wToqjGM4%2C
date: Fri, 28 Jan 2022 13:29:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
100 B 31ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 28 Jan 2022 14:29:04 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ 123 KB
46 KB 29ms
28ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d4a914d2d7b9255-FRA
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 08:38:28 GMT
server: cloudflare
age: 7353
etag: W/"1eb7c-5d678203274d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sun, 27 Feb 2022 11:26:31 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ 156 KB
47 KB 36ms
35ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d4a914d2d7d9255-FRA
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 08:38:28 GMT
server: cloudflare
age: 7375
etag: W/"27068-5d678203274d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sun, 27 Feb 2022 11:26:09 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
120 KB 137ms
51ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86d06f0e5f9de695408914746ded8bc3455d103eeedcc157750273d2d3ab6c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122261
x-xss-protection: 0
expires: Fri, 28 Jan 2022 13:29:04 GMT

GET
H2 200 getads.htm Show response
rt3016.infolinks.com/action/ 2 KB
679 B 891ms
890ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3016.infolinks.com/action/getads.htm?50=&hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22server%22%2C%22scs%22%3A%22peDIapg7QA%22%7D%5D&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&jsv=1779.004-3.025.ab.1786.003-3.025&sr=1600X1200&rts=1643376544864&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tzo=-0000&c=c&strg=true&rsd=Io1aKFmtxOXvbyotC5WfaZNzwamh1ZhdAobfJpB3-18Nsf4mIvuy7XU5hx-ppy_hEEwf19IbGWGeaNcLT61bg95BpF4-9gWJwI89MhSmxBzzBoaSj3AVn1vZRanlqVqv-7trXaZ2-ddPXLFiFMsP2c2IMVv-wMzbETkPsalxvlE&rsk=11&rcs=o64CuhyqYZQjwrS3EAwp-A&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb67b3893508d7a5e285d49bcbba927d3bc2b1afc44e95863559a70bada2f6df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a914d6df39255-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ 173 KB
35 KB 27ms
27ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc28f4decaffac8127cbc295059a013c2e6017bb67226aafc132e0fb74ca7d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d4a914d7e059255-FRA
date: Fri, 28 Jan 2022 13:29:04 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 08:38:28 GMT
server: cloudflare
age: 7373
etag: W/"2b3b7-5d67820328477"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sun, 27 Feb 2022 11:26:11 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/87053707/
Redirect Chain

https://mc.yandex.com/watch/87053707?wmode=7&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A698%3Afu%3A0%3...
https://mc.yandex.com/watch/87053707/1?wmode=7&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A698%3Afu%3A0...

331 B
706 B

32ms
31ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87053707/1?wmode=7&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A806032038360%3Ahid%3A931952479%3Az%3A0%3Ai%3A20220128132904%3Aet%3A1643376545%3Ac%3A1%3Arn%3A718973572%3Arqn%3A1%3Au%3A1643376545693577960%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643376543437%3Ads%3A11%2C132%2C249%2C15%2C0%2C0%2C%2C308%2C17%2C%2C%2C%2C716%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643376545%3At%3ATimmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20%28Extended%20Mix%29%20Hardstyle.mp3%20-%20sharing.wtf&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

de474c28c58934d333709003c8490c1ff3a5bdeab6d791c0b0ce64b61fa487f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
x-content-type-options: nosniff
last-modified: Fri, 28-Jan-2022 13:29:04 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sharing.wtf
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 13:29:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:04 GMT
last-modified: Fri, 28-Jan-2022 13:29:04 GMT
location: /watch/87053707/1?wmode=7&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A806032038360%3Ahid%3A931952479%3Az%3A0%3Ai%3A20220128132904%3Aet%3A1643376545%3Ac%3A1%3Arn%3A718973572%3Arqn%3A1%3Au%3A1643376545693577960%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643376543437%3Ads%3A11%2C132%2C249%2C15%2C0%2C0%2C%2C308%2C17%2C%2C%2C%2C716%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643376545%3At%3ATimmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20%28Extended%20Mix%29%20Hardstyle.mp3%20-%20sharing.wtf&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.sharing.wtf
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 13:29:04 GMT

GET
H2 200 dcl.htm Show response
rt3016.infolinks.com/action/ 0
40 B 302ms
301ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3016.infolinks.com/action/dcl.htm?rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&jsv=1779.004-3.025.ab.1786.003-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a914def299255-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3016.infolinks.com/action/ 2 KB
700 B 470ms
469ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3016.infolinks.com/action/getads.htm?50=&hks=%5B%7B%22lid%22%3A%22IL_IN_CONTENT0%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22c%22%2C%22miw%22%3A9%2C%22maw%22%3A1150%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22additional%22%2C%22scs%22%3A%22e8iqqG4KjG%22%7D%5D&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&jsv=1779.004-3.025.ab.1786.003-3.025&sr=1600X1200&rts=1643376544956&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tzo=-0000&c=c&strg=true&rsd=Io1aKFmtxOXvbyotC5WfaZNzwamh1ZhdAobfJpB3-18Nsf4mIvuy7XU5hx-ppy_hEEwf19IbGWGeaNcLT61bg95BpF4-9gWJwI89MhSmxBzzBoaSj3AVn1vZRanlqVqv-7trXaZ2-ddPXLFiFMsP2c2IMVv-wMzbETkPsalxvlE&rsk=11&rcs=o64CuhyqYZQjwrS3EAwp-A&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13ef8fb367cf3402ee10ae08364d3213444b74c16e0f5f58ccb06aa0f06a610

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a914e0f4e9255-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3016.infolinks.com/action/ 0
142 B 191ms
191ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3016.infolinks.com/action/dcl.htm?rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&jsv=1779.004-3.025.ab.1786.003-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A1%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a914e0f539255-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3016.infolinks.com/action/ 2 KB
663 B 868ms
868ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3016.infolinks.com/action/getads.htm?50=&hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A14%2C%22maw%22%3A1614%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22internet%22%2C%22scs%22%3A%22dS030XRJOu%22%7D%5D&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&jsv=1779.004-3.025.ab.1786.003-3.025&sr=1600X1200&rts=1643376544960&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&tzo=-0000&c=c&strg=true&rsd=Io1aKFmtxOXvbyotC5WfaZNzwamh1ZhdAobfJpB3-18Nsf4mIvuy7XU5hx-ppy_hEEwf19IbGWGeaNcLT61bg95BpF4-9gWJwI89MhSmxBzzBoaSj3AVn1vZRanlqVqv-7trXaZ2-ddPXLFiFMsP2c2IMVv-wMzbETkPsalxvlE&rsk=11&rcs=o64CuhyqYZQjwrS3EAwp-A&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df5999aa7a1d1cd7de83699ba024b9fdfa69caa982d27fc067bee7a24c0e94f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a914e0f5a9255-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 104ms
104ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!0akrqdovxs&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:04 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sat, 29 Jan 2022 13:29:05 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
104ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0&img=https%3A%2F%2Fwww.sharing.wtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3.png&t=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf&cu=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/1.0/ 620 KB
168 KB 35ms
34ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1779.004-3.025.ab.1786.003-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d4a914ed9a89255-FRA
date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2019 15:15:02 GMT
server: cloudflare
age: 7372
etag: W/"9b0d4-58d552435a78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sun, 27 Feb 2022 11:26:13 GMT

GET
BLOB 200
OK 95f56949-7b9b-4fe7-a514-5882f5d158f0
https://www.sharing.wtf/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sharing.wtf/95f56949-7b9b-4fe7-a514-5882f5d158f0
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 103ms
103ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0&img=https%3A%2F%2Fwww.sharing.wtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3.png&t=Timmy%20Trumpet%2C%20Azteck%2C%20Darren%20Styles%20-%20Dance%20Tonight%20(Extended%20Mix)%20Hardstyle.mp3%20-%20sharing.wtf
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 103ms
102ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0&img=https%3A%2F%2Fwww.sharing.wtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3.png
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 104ms
103ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0&img=https%3A%2F%2Fwww.sharing.wtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3.png
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 adview.htm
rt3016.infolinks.com/action/ 0
135 B 203ms
202ms Image
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3016.infolinks.com/action/adview.htm?rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&bdc=2&midx=0&emd=NDI0fjY0MDI4Ml82NDQyNzY&rts=1643376545448&prod_t=c&jsv=1779.004-3.025.ab.1786.003-3.025&capara=%7B%22docHeight%22%3A1200%2C%22width%22%3A1140%2C%22index%22%3A0%7D&sdata=additional&scs=e8iqqG4KjG&rsd=Io1aKFmtxOXvbyotC5WfaZNzwamh1ZhdAobfJpB3-18Nsf4mIvuy7XU5hx-ppy_hEEwf19IbGWGeaNcLT61bg95BpF4-9gWJwI89MhSmxBzzBoaSj3AVn1vZRanlqVqv-7trXaZ2-ddPXLFiFMsP2c2IMVv-wMzbETkPsalxvlE&rsk=11&rcs=o64CuhyqYZQjwrS3EAwp-A
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a91513ff29255-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
node222.impressionssl.adshop.infolinks.com/impression/ 37 B
221 B 493ms
94ms Image
image/gif 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node222.impressionssl.adshop.infolinks.com/impression/?vh=1539780863&agy=414981&aid=637313&cid=640282&gid=644256&id=644276&st=1643376544&kwid=0&skw=additional&sid=3237252_3&sip=3117783808&pid=18&tid=3&mime=image/jpeg&dev=0&mtyp=502&agtyp=0&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&idfa=&gaid=&site_cat=13&pixel=1
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:41:12 GMT
x-replied-from: 199.212.255.221:26080
server: nginx/1.16.1
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 37
expires: 0

GET
H2 200 loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 22ms
21ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: HIT
age: 7375
cf-polished: origSize=1631, status=webp_bigger
content-length: 962
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "65f-54142035d0066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Sun, 27 Feb 2022 11:26:10 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4a91513ff69255-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 25ms
24ms Image
image/webp 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 google
cf-cache-status: HIT
age: 7375
cf-polished: origFmt=png, origSize=1488
content-disposition: inline; filename="loader-bg.webp"
content-length: 902
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "5d0-541420359b4a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 27 Feb 2022 11:26:10 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4a91513ff99255-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 /
node222.impressionssl.adshop.infolinks.com/impression/ Frame 19C6 34 KB
35 KB 574ms
186ms Image
image/jpeg 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node222.impressionssl.adshop.infolinks.com/impression/?vh=1539780863&agy=414981&aid=637313&cid=640282&gid=644256&id=644276&st=1643376544&kwid=0&skw=additional&sid=3237252_3&sip=3117783808&pid=18&tid=3&mime=image/jpeg&dev=0&mtyp=502&agtyp=0&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&idfa=&gaid=&site_cat=13
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ae6dd1a5a95983fa63ac01d5922fe25718afd7ba31989914dabb49091f07ce28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:41:12 GMT
x-replied-from: 199.212.255.222:26080
server: nginx/1.16.1
content-type: image/jpeg
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 35137
expires: 0

GET
H2 200 urlChecker Show response
app.playstream.media/api/ 15 B
203 B 46ms
22ms Fetch
application/json 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/urlChecker?url=https://www.sharing.wtf/add59dc0f1bb3f17
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/floater/floater.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.11
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: br
server: nginx/1.17.10
x-powered-by: PHP/7.4.11
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, private

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 90ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sharing.wtf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 95ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sharing.wtf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 73 KB
11 KB 111ms
110ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1508229664283361&correlator=244637860459943&output=ldjh&impl=fifs&eid=44757101%2C31063223&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220128&iu_parts=22479386016%2Cdirtyremixes_dirtyremixes_970x250_1%2Cdirtyremixes_dirtyremixes_970x90_1%2Cdirtyremixes_dirtyremixes_970x90_2%2Cdirtyremixes_dirtyremixes_728x90_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C1x1%2C970x90%7C1x1%2C970x90%7C1x1%2C728x90%7C1x1&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3D9f548a3ca288acc2-22d399852fcd0078%3AT%3D1643376544%3ART%3D1643376544%3AS%3DALNI_Ma3Vk2jKqaXqzto1meuSgK_O0pYlQ&bc=31&abxe=1&dt=1643376545520&lmt=1643376545&dlt=1643376543833&idt=720&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C315%2C315%2C230&adys=217%2C573%2C1141%2C1487&adks=4225142424%2C1333508004%2C3773986693%2C253470133&ucis=1%7C2%7C3%7C4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&vis=1&scr_x=0&scr_y=0&psz=1600x290%7C1140x130%7C1140x130%7C1140x130&msz=970x-1%7C970x-1%7C970x-1%7C1140x90&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=true&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

16e2160edd23e7985f423751d9d261f8593c0d71f89fa012c3cf0e3b47e652be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11549
x-xss-protection: 0
google-lineitem-id: 5842309196,5842309196,5841568690,5842309196
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372912337,138372912373,138372439958,138372911371
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B966 6 KB
4 KB 172ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 28 Jan 2022 13:29:05 GMT
expires: Sat, 28 Jan 2023 13:29:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 105ms
105ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0&img=https%3A%2F%2Fwww.sharing.wtf%2Fthemes%2Fflow%2Fimages%2Ffile_icons%2F160px%2Fmp3.png
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 e5348885-f277-48dc-b249-4e674957fef5 Show response
app.playstream.media/api/getVideos/ 299 B
368 B 39ms
38ms Fetch
application/json 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/getVideos/e5348885-f277-48dc-b249-4e674957fef5
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/floater/floater.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.11
Resource Hash: e385aab54e8bbd8b5c33a8a02cca77054752ee4afc1acab435d449ca3d5e09c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: no-cache, private
server: nginx/1.17.10
content-encoding: br
x-powered-by: PHP/7.4.11
content-type: application/json

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 270p.m3u8 Show response
acdn.flickstree.com/obowhjtI-jSJ4-cqoh-Kp9Y-4Z04RGIu7592/ 2 KB
2 KB 198ms
23ms XHR
binary/octet-stream 2600:9000:224a:8600:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/obowhjtI-jSJ4-cqoh-Kp9Y-4Z04RGIu7592/270p.m3u8
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/floater/floater.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8600:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ca419a1c3a0a256fd1c875eafb2e94ef162e2f0920596a831eb6f23d3795b44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
vary: Origin
age: 2756
x-cache: Hit from cloudfront
content-length: 1715
last-modified: Sun, 24 Oct 2021 06:02:16 GMT
server: AmazonS3
etag: "3f3ea2252be507910009a14efcbc02e9"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: gdeJkX_fHJHt-HzHWUBvpedMNuyPJbAyV44MJCz3RRTpgvaYHEu_GQ==

GET
H3 200 bridge3.497.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BE81 584 KB
190 KB 87ms
40ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194721
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 03:23:47 GMT
expires: Fri, 27 Jan 2023 03:23:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 27 Jan 2022 03:18:10 GMT
content-type: text/html
age: 122718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 167ms
46ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B45 37 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 28 Jan 2022 14:08:15 GMT

GET
H2 200 container.html Show response
3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF3F 6 KB
3 KB 46ms
46ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 13:29:05 GMT
expires: Sat, 28 Jan 2023 13:29:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E54 6 KB
3 KB 46ms
46ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 13:29:05 GMT
expires: Sat, 28 Jan 2023 13:29:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A66F 6 KB
3 KB 45ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 13:29:05 GMT
expires: Sat, 28 Jan 2023 13:29:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAF2 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 13:29:05 GMT
expires: Sat, 28 Jan 2023 13:29:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0akrqdovxs&lm=0&ts=1643376544747&dn=TC&iso=0
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/add59dc0f1bb3f17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DF3F 22 KB
7 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Jan 2023 11:11:23 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DF3F 111 KB
39 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e2cfdc48e6588f31ae5677f5c2e7e23aaffb861ad27499f8a247771535ed30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39657
x-xss-protection: 0
server: cafe
etag: 15773268401226262812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF3F 123 KB
38 KB 147ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5E54 22 KB
7 KB 134ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Jan 2023 11:11:23 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5E54 111 KB
39 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9898b7091f5cfef072855ea4916faa22ae29041ee5bbf211f752e53e2d20a15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: cafe
etag: 4771726337075691544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E54 123 KB
37 KB 191ms
102ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A66F 22 KB
7 KB 159ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Jan 2023 11:11:23 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/ Frame A66F 407 KB
123 KB 64ms
34ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/tag.min.js
Requested by: Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 703d8134b250ac28b8778fbf5855f56fde1878b9be631357735de689474c4440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279216
x-host: adinplay-2
last-modified: Mon, 24 Jan 2022 14:54:47 GMT
server: cloudflare
etag: W/"61eebdb7-65b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEd4VFkOmwRtu6Fc05hrwA%2Fzp3nTJKBc5nMBCGxA38At6%2FWIP3zrvaoJ8AyO4VEdLTUbPS25RpHUuapnFMj12plDQgRuXJ%2Fn7x8a1oyIQ9g%2FvoGbUqJUAEyISnCwwV9X6M78NuthU7uuD6XyA3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 6d4a91531f555c38-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A66F 123 KB
37 KB 203ms
115ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DAF2 22 KB
7 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Jan 2023 11:11:23 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DAF2 111 KB
39 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e2cfdc48e6588f31ae5677f5c2e7e23aaffb861ad27499f8a247771535ed30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39657
x-xss-protection: 0
server: cafe
etag: 15773268401226262812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAF2 123 KB
37 KB 229ms
142ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview.htm
rt3016.infolinks.com/action/ 0
158 B 189ms
188ms Image
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3016.infolinks.com/action/adview.htm?rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&bdc=1&midx=0&emd=NDI0fjY0MDI4Ml82NDQyNjQ&rts=1643376545760&prod_t=d&jsv=1779.004-3.025.ab.1786.003-3.025&skin=sidebar&theme=nologo&sdata=server&scs=peDIapg7QA&rsd=Io1aKFmtxOXvbyotC5WfaZNzwamh1ZhdAobfJpB3-18Nsf4mIvuy7XU5hx-ppy_hEEwf19IbGWGeaNcLT61bg95BpF4-9gWJwI89MhSmxBzzBoaSj3AVn1vZRanlqVqv-7trXaZ2-ddPXLFiFMsP2c2IMVv-wMzbETkPsalxvlE&rsk=11&rcs=o64CuhyqYZQjwrS3EAwp-A
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 6d4a91532ce69255-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
node222.impressionssl.adshop.infolinks.com/impression/ 37 B
222 B 182ms
93ms Image
image/gif 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node222.impressionssl.adshop.infolinks.com/impression/?vh=1539789520&agy=414981&aid=637313&cid=640282&gid=644256&id=644264&st=1643376545&kwid=0&skw=server&sid=3237252_3&sip=3117783808&pid=15&tid=3&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&idfa=&gaid=&site_cat=13&pixel=1
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:41:12 GMT
x-replied-from: 199.212.255.224:26080
server: nginx/1.16.1
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 37
expires: 0

GET
H2 200 /
node222.impressionssl.adshop.infolinks.com/impression/ Frame A611 22 KB
22 KB 175ms
94ms Image
image/png 199.212.255.244
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node222.impressionssl.adshop.infolinks.com/impression/?vh=1539789520&agy=414981&aid=637313&cid=640282&gid=644256&id=644264&st=1643376545&kwid=0&skw=server&sid=3237252_3&sip=3117783808&pid=15&tid=3&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=c3da58e4-848f-4c1c-bdee-31caf7aab749&idfa=&gaid=&site_cat=13
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.212.255.244 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2bb4b6318510e8591ad23a2c2a5dc2b3bf1c9a7f0dc31ae70c62377a17877dd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:41:12 GMT
x-replied-from: 199.212.255.75:26080
server: nginx/1.16.1
content-type: image/png
cache-control: no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length: 22605
expires: 0

GET
H2 200 obowhjtI-jSJ4-cqoh-Kp9Y-4Z04RGIu7592_480x270p@400Kbps20211024T054549_00001.ts Show response
acdn.flickstree.com/obowhjtI-jSJ4-cqoh-Kp9Y-4Z04RGIu7592/ 123 KB
124 KB 17ms
17ms XHR
binary/octet-stream 2600:9000:224a:8600:8:3ed5:e880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/obowhjtI-jSJ4-cqoh-Kp9Y-4Z04RGIu7592/obowhjtI-jSJ4-cqoh-Kp9Y-4Z04RGIu7592_480x270p@400Kbps20211024T054549_00001.ts
Requested by: Host: app.playstream.media
URL: https://app.playstream.media/js/floater/floater.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:8600:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60ac8d682d62301186cc293d7d8261fd655b8b112a36a433209b6c8c35ed509a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
vary: Origin
age: 2847
x-cache: Hit from cloudfront
content-length: 126148
last-modified: Sun, 24 Oct 2021 06:02:41 GMT
server: AmazonS3
etag: "015c08be01184497e256a198a6586dee"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: rolW1lP3IE7ssq0GMec1frjVXK3foJJR93_W-Nk5iccOUJIwT340CQ==

GET
BLOB 200
OK 839c248f-1d2c-47f7-b0e9-ef0519086341
https://www.sharing.wtf/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sharing.wtf/839c248f-1d2c-47f7-b0e9-ef0519086341
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a10d5f8325553e96dc757de567977c5c5a6d53197cf2985080da090de90d8956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 62383
Content-Type: text/javascript

GET
H2 200 e5348885-f277-48dc-b249-4e674957fef5 Show response
app.playstream.media/api/vmap/ Frame BE81 2 KB
2 KB 33ms
32ms XHR
text/xml 88.99.215.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/vmap/e5348885-f277-48dc-b249-4e674957fef5?height=256&width=455&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.215.99.88.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.11
Resource Hash: 84cc1b50e5e6f2984ad3e75988b1edf5a32e8020f746e0c36c5135c3605f9e8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Fri, 28 Jan 2022 13:29:05 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx/1.17.10
x-powered-by: PHP/7.4.11
content-type: text/xml; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF3F 0
0 77ms
76ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7WiCgHMaY4GG7EJD88Llxhi2q_y791CqqNU4T1D3Sk7cZ7yiZUx34NsLdRbXrwk5C58bmNaJfn7OlSsZ-4V9eIAQxVndb-s6oFcdop-ZClDnknDm00tjgyHPubAV-iwmJ1cIUiwacJAX22Lug-joC7ADB6rx705KfvCqkj3iHXbXkG05A6mGBXKjqBI3Juwh8s-0JVVZsvimnoKyib5Sv92x6jvDI5afIhXjteqXnjSBpAREWNcyo0Yt29wMX1zIXHTiM2ZQ3DrwL77ILF8oykir7Jk9_iZENuBNF-w6DuPfpygZnFOFvRQmCFFDQti4WCYEG1M3oexU8vijpFFWi0_9f&sig=Cg0ArKJSzKB_phjXaZSPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ Frame DF3F 283 KB
102 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5945208862215231&plah=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 107536255599717519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E54 0
0 91ms
91ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3YOJdKFCFSRwQw-JYxeivBKxxqEHHiyHruEFGnRxD0VZvM17MeYhwkgAn_8WEUgRpu6JuUyQH7UUKToVC-nC8DiBrhvrzEC5YL_OX1TQTfl0hEPmo-KtTen8hxiNsjlUw5z41oHDvoEY41KaUOcNnzu9-SLVIwo8DOCxrrUli20yB1N2VikLN-t8hshJreQLk3Km61et-YVmnWOZ0XLg0YBx0as1fGkK1S7vykFAtHLdqR3_bljVYlY5pwkoDCVrO8xjcy0q-xSfiqFoI08sK2KVprCzAOf6veACyoh_BfKAWoEvAj2Xh0YY_BwexXQq5ABVxW7Dy1kBVLW-CxKQrCw&sig=Cg0ArKJSzGriQEsJHdb-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ Frame 5E54 283 KB
102 KB 83ms
81ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 107536255599717519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:05 GMT

GET
DATA 200
OK truncated
/ Frame DF3F 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8109d839c097816638bda57ab12be8ba9451cdb88d64c5bf6426fd326151f3ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DAF2 0
0 75ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstytiZV12q23LLYpb8yL3ZH8R1HayjsttG-LWlM_x4rQokFjmdivfJn8D2uS6zKRgRegsXD_lGb63dal6kR5-OMBNaZxXtDt3UwbdzOEAGtgNkGHycPiVNgjoJvVs2tMOeC8_JrthOko26ipsNc5R109yJr79pxQLQoV5FW3jOkS5ah44fPtN7JtocukxQZsiX1g8eX3yFME1-0GvwaYKminqzBqAA6_v3tjYelt3HQrnpSN-n23mqhnm0yJ_-6laIy1IwMKQFzcMxojdBHUxYe2nsWY2s2donzFnHVwLhx8U2VhID6jAeWbUvowoKKY6kSLjJX-0vvoPBVcTseWiw92w&sig=Cg0ArKJSzAF3Ua2Kng6uEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ Frame DAF2 283 KB
102 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 107536255599717519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
DATA 200
OK truncated
/ Frame 5E54 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c54dd84d49646c6fc88a5858160d2d4fb6b6b2a7896702eb7d0b9d370d121e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DAF2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9885d288a75dd98489c1c64d899fee8551928f80c259c4f88d4d7f6d3ef51940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A66F 0
0 76ms
76ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXUMBL7hIDZ6coDqN6W6jhhwXwxE4HYmxCn87TjDL5EwNskN9aANl9rr1XWrAgG-kC-xzqrf9AmhYN965YOxo49DbUINJGDB34myQgRJCLjD98pzCWVRRN0Fu9X8KPSBSH0XLVG3YrpKL7uYRHKG4bbFtpwlwl3awYM9RAf6mILgq36J8yD0xkLPcMySzXIE5gvHI-URwP9oytylukCC9zk9IalY6Gsm71ZJGIKvGGbyU1n_t2IL1TA1ERCQom9yG8MfiZDWFW00xuw17ZxurN74yR-4L9D7iGWt_sR9Yb7_Rwx8DRRAYF52XhJRjkZkNYpABnK0pY8S8kn6g8NYqi&sig=Cg0ArKJSzF-H69xS-JRUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
URL: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame A66F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df0f530b4fc796956827f8dfcc834d99c51152f2dd8fcbccc5cc5e1c70083d32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A66F 79 KB
27 KB 61ms
60ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/tag.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3a837873b3c174524e190a4c9a9bf52379cac4d2822bb5e524c60df2d9d15abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27136
x-xss-protection: 0
server: sffe
etag: "1115 / 198 of 1000 / last-modified: 1643371812"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame A66F 2 KB
1 KB 19ms
18ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220128

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/tag.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79db41bb706b2799a7d4ab3769fa0eeeddf32c504a5054be9b00f30622a9efe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11554
x-jsd-version: 1.0.1235
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69c-w3wKlfy+duwPmjPSJ261T4/xb74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d4a91551c5090d4-FRA

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ Frame A66F 16 B
372 B 17ms
16ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279244
x-host: adinplay-2
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6pkBNuH6mBT2gcoFrzC6n5sHumzw3o7Jh43dJFKLwyTCJAoeLzj4xRi3fpyu3mkTcVq8BPvfdWIl%2FO9arXAcyx2ql2Y2KAPDjwZg2obszSiivBOepZ%2BPkSpT9mqtBPrQcatTLPq8QdAf4fZ9eM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d4a91551c135c38-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A66F 143 B
1 KB 365ms
364ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1e862362b97bbf331176142e8102ead2463aabf19ccf249ea30907f4902b0cb6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:06 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 82eb2719-d0b9-4594-9832-346b18b76633
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame DF3F 107 B
122 B 46ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DF3F 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 532C 603 B
66 B 64ms
64ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=250&slotname=3546254966&adk=2426902379&adf=272530241&pi=t.ma~as.3546254966&w=970&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545911&bpp=10&bdt=197&idt=204&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=6010198991580&frm=24&ife=3&pv=2&ga_vid=1179723932.1643376546&ga_sid=1643376546&ga_hid=550439547&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4236235423&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=3495137589013993&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uk51gz9qoppm&fsb=1&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:06 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BE81 156 B
516 B 273ms
273ms XHR
text/xml 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2FSPM_Adsolut_DirrtyRemix%2FSPM_Adsolut_DirrtyRemix_Floater_PreRoll&description_url=https%3A%2F%2Fwww.dirrtyremix.es%2F&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842260505965526&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=566381981&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&media_url=blob%3Ahttps%253a%2F%2Fwww.sharing.wtf%2Ff54c6995-1da4-42a8-befc-15dad456473f&sid=D1D7965F-F947-4D43-BA84-4665E4A13878&nel=0&eid=44738438&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&dt=1643376546143&cookie=ID%3D9f548a3ca288acc2-22d399852fcd0078%3AT%3D1643376544%3ART%3D1643376544%3AS%3DALNI_Ma3Vk2jKqaXqzto1meuSgK_O0pYlQ&scor=3918567608653602&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5E54 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5E54 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 695C 603 B
66 B 64ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=3546254966&adk=3041473798&adf=272530254&pi=t.ma~as.3546254966&w=970&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545926&bpp=9&bdt=206&idt=245&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=4357060650104&frm=24&ife=3&pv=2&ga_vid=389439626.1643376546&ga_sid=1643376546&ga_hid=1780539547&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1548298141&scr_x=-12245933&scr_y=-12245933&eid=31064201&oid=2&pvsid=1113210353644179&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.imzt2kadl8wn&fsb=1&dtd=264

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:06 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame DAF2 107 B
122 B 46ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DAF2 107 B
122 B 56ms
55ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A19F 603 B
66 B 60ms
60ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=3546254966&adk=2834947142&adf=272530252&pi=t.ma~as.3546254966&w=728&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545989&bpp=6&bdt=260&idt=221&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=74279130059&frm=24&ife=3&pv=2&ga_vid=567113236.1643376546&ga_sid=1643376546&ga_hid=1338826182&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1576167272&scr_x=-12245933&scr_y=-12245933&eid=44753656%2C31063221&oid=2&pvsid=1723598639359452&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8tqupiulh9yx&fsb=1&dtd=238

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 13:29:06 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A66F 352 KB
118 KB 45ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Jan 2023 11:54:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF3F 0
0 74ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO1IfSp7JyxNsEpKPp83TFP41_ib-8c10rzPM_DxRO-wStq1gqb-7gUvC6njBfvNPXYZKY91-rmrPZxQd_o79X0T1cDOPZBK-B-jrp0vLslqPHwUnZDGEbmEm-4gsVJsmD5PqE0CnvqC5JaiZX3KssQOoxQUYv6rtqsld6bajpjJeYRTXhiEWjop3YFcfftIoee00ffAQhBhTdwpjP-DHN0GN9UnSfEcjyxvEXKLL_kU8H8bzg_J56qpkTz6LrnyAV8-aA4-g9L9DQZJBUqwMuV29lm2uf5mWm2PVrzgV43AMVouMAPyNu89M1op25PGTA5mFQ70s_JsdzrkAbcazHnTTI7-Y&sig=Cg0ArKJSzLzxjS6IR2WgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF3F 12 KB
9 KB 102ms
57ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0373cfa5cce3be91364a2dd7e643f84369704b4b8bebf06cb8d4b68b5d882832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8991
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5E54 0
0 76ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveTJNJgZKxjq9xSNVhXlTq5aSj51KIkG1giNZBYdV02uFX0I0XVgl66rAKueCuXo_bNvUAcZlO6b-DEDK4JzFuZ6xTCzjvErSMklYtP3Db-anGHwti9Lw4XYZt70qiBfGRJbRRvisxqT4uko9B8iOh2IOOUHVCiYke5T-ls30hkgjnJMYEU3iuQ-K9nlD5I3G8IIr9IPx93BBNOlcJw2mO27KxX0mmNz7w-TD3Jh_G_JYomZ5rtQd9JzCj65T1NtQXQxGYwyzEIXVW9rFpOuYurvqq5NynHCp_u8SsDyb5l1b26fqzlU4Wiwnr5G-2zSwECHTp3ivGwjncQhvmWtFOHeaM&sig=Cg0ArKJSzMY2lhh8qzbBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5E54 11 KB
9 KB 86ms
66ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

474156ec01bbea960ae3eda4515b79d33ea19f1aa7a585b6a0162ec03d5e2d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8842
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DAF2 0
0 75ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1th4Z7kGtaPaVefIMsnjH-kg7Pa65gb1ubHWpoci9fnYJYc5jTmhvelu8rfSICGkUDGM34PHA-Nh41dpu373XCmHMi7MgaMJzfudr20zPbrcUfz5R-FYkaA_xAk7NZvIO6x_3_c41p6ZQWK8yMGj7Joj0ALsL4XFyXLEwygSCCRS8EK4swNDlxdWEcZzqa1gAL49G6wcgSnsaepHRUVQ4-rAVkjZILbpZit3gL67nD4veLF2IGAPMKIeBQrzdxDji9fnOkE3Zomc0Uu_yyrxsq8OwFw8l9yHgOVsg5jCgTJYwSoSC8xOzaKD-5mUQa63_hU3xCVwdDMBHR-M_lCZpLmNz&sig=Cg0ArKJSzGMzeyH5_kJIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DAF2 11 KB
9 KB 56ms
49ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626a9fc0d4904d184d5de01f639caf95e1cb07f3dd287f3bc40aec20ac88263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8908
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A66F 0
0 76ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdcnazQKvpzrqmRwMUo6SyUwlYYIiaQqru1b5hpNxceSify7JVt0bIFBjbJs8FlIVJz0IWsaSHssxwphCWZBETYyKFBKsQTa0tnHczqNTYtwdJsLnzSKRcZgURQhfv7oz7vqMf6xNjhokIb1qZUcECfWG-PzhcNUjNYU8Fyg_1j-oZbHa-NIy4NSZXZI0BwCpxpu3NAUYKp44BM9uLhS-x0_MN4CbmP74adCAvybE2sdCuNaKCuet4J9roAAtddaESY5Pr0YJreYhyU5A6Yb-q_zKyNRjU2-ZmwKw07et_cm1x0UjzTiKRchMtiKDYO_1qCj3JCVhX5om1nKcmLBtlM2I&sig=Cg0ArKJSzDYsKpWYmMfJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DAF2 17 KB
6 KB 123ms
74ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DF3F 17 KB
6 KB 109ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E54 17 KB
6 KB 92ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame A66F 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A66F 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A66F 330 B
179 B 76ms
75ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1545968005273559&correlator=3749971526640951&output=ldjh&impl=fif&eid=31064551%2C31063708%2C31061166&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220128&iu_parts=421469808%3A22479386016%2Cdirrrtyremixes.com_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&eri=5&cust_params=GS%3DYes%26FC%3D1%26OS%3DOther&cdm=3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com&bc=31&abxe=1&dt=1643376546489&dlt=1643376545724&idt=632&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=970&ish=90&oid=2&adxs=0&adys=0&adks=4282808982&ucis=5d92ih9ugilu&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2F3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com&loc=https%3A%2F%2F3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&top=www.sharing.wtf&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=970x0&ga_vid=1810222396.1643376546&ga_sid=1643376546&ga_hid=642022523&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1b79c991df0552998e0cb890f6de7b47e74b3e01f208a566ee90db1ea2f8c0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A66F 12 KB
9 KB 57ms
56ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f62ddd1bda63fd5d45d1a23067b24c84dcd061fff8b58ebb0c9da60d5a80267b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8980
x-xss-protection: 0

GET
H2 200 container.html Show response
c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21EE 6 KB
3 KB 74ms
46ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 28 Jan 2022 13:29:06 GMT
expires: Sat, 28 Jan 2023 13:29:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
206 B 18ms
17ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456493/hbw_master_483572_13220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.sharing.wtf
Date: Fri, 28 Jan 2022 13:29:05 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4825 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 12:46:33 GMT
expires: Sat, 28 Jan 2023 12:46:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 973F 783 B
535 B 101ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28e8848a7288d1bd5064b6e5deb78cf39627f627c683c19327679421495c0906

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C84cFowqLuXOq+uD1WlvHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Jan 2022 13:29:06 GMT
date: Fri, 28 Jan 2022 13:29:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-C84cFowqLuXOq+uD1WlvHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CDE 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 12:46:33 GMT
expires: Sat, 28 Jan 2023 12:46:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8363 783 B
532 B 85ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b87009e8f8dbf0c8fcf578961f7292e78d19960eb513624c6cc4503f24dfd2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NentfF+oEX2frfdfMSHRuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Jan 2022 13:29:06 GMT
date: Fri, 28 Jan 2022 13:29:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NentfF+oEX2frfdfMSHRuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A6F 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 12:46:33 GMT
expires: Sat, 28 Jan 2023 12:46:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 16C7 783 B
536 B 67ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eb35b0f3ef71b4f225145faa254ac5357eea3ab2657e24f589e40a408947c22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-34QlNMg5PJpBZWLqQJAOJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Jan 2022 13:29:06 GMT
date: Fri, 28 Jan 2022 13:29:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-34QlNMg5PJpBZWLqQJAOJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A66F 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 13:29:06 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4825 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 11:54:53 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 352A 52 KB
17 KB 52ms
8ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/DTM/dirrrtyremixes.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 29 Jan 2022 13:29:08 GMT
Date: Fri, 28 Jan 2022 13:29:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CDE 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 11:54:53 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A6F 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 11:54:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3896 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 12:46:33 GMT
expires: Sat, 28 Jan 2023 12:46:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2623 783 B
534 B 52ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e2d0277201932ca63537359ba595328cfee5eb8a2e3c39c1eef8f65c07f8032

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cUobB7UijD4p2iCpSQYCjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Jan 2022 13:29:06 GMT
date: Fri, 28 Jan 2022 13:29:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cUobB7UijD4p2iCpSQYCjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 352A 0
735 B 42ms
42ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:06 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2a510198-88dc-4387-ac0b-c871ef3b75b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 16C7 0
0 104ms
103ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=1723598639359452&rc=
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8363 0
0 88ms
87ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=3495137589013993&rc=
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 973F 0
0 88ms
88ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=1113210353644179&rc=
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4825 0
9 B 42ms
41ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TBOhlA
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2623 0
0 104ms
104ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=1545968005273559&rc=
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 3896 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:54:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 11:54:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A6F 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?50AOsg
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8CDE 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UMIesA
Requested by: Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:29:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E54 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=1113210353644179&bg=!dnWldTHNAAY6OBv_Ojg7ACkAdvg8WtmQnFnlhk9-58u3xkQ0iBERuftgPcHKdh7jAxqQ6HjlCRtCgAIAAAD6UgAAAAJoAQeZAwKtPXNvHKL5ZuDbq09XQ8jtFfADv_Zv1ybT4UimtimF2s_OXpdLePGiM1S_D6oD81Z04OM4R--Ls1PTWWygT2ehAeR1IbviW4krO3Qk1mU9IBqNJdgFdYyCLOZmi1Jk_DnFLm7rG4QQjNswnEZstgzJRiOrDbotCXpMddFonhu2wfGKJHWqjmiEgpuDj0FfdkQbV9em0JtnnxjJ0_kTiFRXf_8c5CE7JSchMjJ5BVS8wFlaG7PC9-VFEBK9e6gtUScxvfCgov63TMfYSMiCwkinma25XSWwmr1BgzzpmVYA1IKeHapm4hgqs6uZpEyBzOs-Q36okz4RGaukrSMj5qYpMLEuxEDqFUpMp-bvdG4vfOvz16fr4e8wuoelvVcGEfclC5l_ib1GjSWOvQ-UfCzbl-FhcVdfJn_ApcRqcSuwyB-aYBNfIXP_NnWu6Uo5Bq4MJk3kj9KYtGn46eBb6_KbJaNlEfc32S12-8El1Buq6ttqwZRc-xOqLYtO7FgnQXfFdPQOj4-uHbD_UVqFxt__Zwz4a8rvX0PPtb2hPzm_kPTs_yaaiSvkHitICM7KYj5MsRrWD8OWNYrtCInA5cXf8QcMf0KaUPIEX09gsK5nZxl01UGnUFBcTq9XVgZu5lfPbjp47-jfp4JVsncRPq8hotrcRfV_ykJidCcbnF9XYHA-VZsSMC3yseLTP1jClyjzUfnL4N44tzLAWb4kGerF6iRvi2Qzmk69nnXCed8vfByFoAqUWVrn6Hw_DLO3_Q-MB6s294m9eQ-iZDT36UKfu_DxImTeXGyaL1RMjQHTdbgulPyu5HBNDB_rm_FoW_0EO3y9cv95IxAtvDSMj30CfvpQwCd3midQCeFiByh49AfmMQuGgc8uxPbk3t1-DBBEOlIl_WnQSRJCcMk_tWS6PlYKEuuBf0DGl5FKKU4z-dwBhxJCl1nJWweJD_KbdEeL_2Qf6EYHePXjZ87_wGgQm27pSokq2mvfoM17W-3IvauEQJ5Eu-h3bBgExVbLdaDnAw

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAF2 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=1723598639359452&bg=!xcalxoLNAAY6OBv_Ojg7ACkAdvg8WiJA227UoBSKxDNSSlzi2_Aio8g2ffuvnH241MJJ6Zz5gIkaRgIAAADdUgAAAAZoAQcKAH8W4YpoS-hCGNrSErggU6HNi5eBTFu8iXA1muHRa5guvi75nJQIM9FpsMsnQ6niMp7HBU7SUBEpfp-ccaoxcuaNX7Wp2OmcCqQPsfModfCQle5399e3yZRFQt5xHsJCu7Qv6CQxEv57-5LLeZhL6AZSNqobJeBbChCG3PTQOYpGmQMAeZdtgNooxZA2d90qytkTj3156TUPV2qSEE2iTQehz4Vil2k_fC71Mwtq07d0kL51IJofr8Vx7ZiOzEfTEkyNs7WDR48H2ViMM1N6aTzXPxAT7Px7AfnsFirWVc5jUO31mOVp9H8bMu2DQ7SyWlOLESHIU3M2zVSuO38rVujx_ShITVjM3pwBoWUjAFQw1BBgANZz2KFVHIHpmUkeIeIllybEGyZVVLIV4HGE_OirqFWTt02p3Ptgq7JlZWh2tkRbed3OLL2zW_fAe8N1lkligL3q1LVxV-ZKAySZLoJGLgV6nUhUm3XjlpM7Rj0G8El_c2j6A-M0lVVNWNXg-VIQC4uyaIWuSg2ylPMpybqk03Ie8ZA6FLvHfwEnqg0X9kFWsPklpBNQXowkM57KntNrLfwQKtltpyqrl5ujmmEuZ3CRUwenXBQ8HNKAlelxnI8b7PToEqd-yjpW90LMaGLarebdH9TB4vUXbIG98S4wvzoCb31edFlRekKxSBLecxykBT3UggUz7HZnh5TAgyX9ZO2jopa0etIkfimmW4fEG1ozB4_Wpdvec5BToBovdZ6W3W1gcBTwAlpNCGEkH23tChfuPSHq4S_7SWAAXRIpoMPgYezIWG-ZtynLWPlYKmzjXZRVzvw1SvpD_8dhqSA9QTFbwvy1aVJKFAwR4DbmoVNo4z3k0ex5zGZdttTmG55JpgGciq2foFvv1S-xzDxf5DXVrzqDs5Esq-m9OczP8DE46nTo_Gqz3e6SjW-pzeXCTNz0tY6UsFIhG9c9RL-n5UY6qoVdC8lhj05Go79W1g6MoloKjSxwBbOABnlB4dZVvBuHF6bQvDJek9aHGQjHHQv8wQ73-2A40aXWe3u6IbqANxaVoiW54mBGsncMST4cgipks-UqceNftj7rZeBaRSssEiF0W7-TW2gfrIr0oMK0leLBq_gjdmAX0RPaUMX-WNS3uo2ShlmhJ3twbAC4K3XLl472C3VrL_m1pjMW7thBxtPdl9LB-hE9OILdzaM9

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF3F 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=3495137589013993&bg=!xcalxoLNAAY6OBv_Ojg7ACkAdvg8WoZkaeEWFTXfuRpTxRH9O5Dt2sXmsr-3Y7haBHDBsIa947EeuAIAAAEBUgAAAAJoAQeZAw4EEpHbDLqLQRHItjWUvYjesXlG4Wndw8GK0TgihsJo-pABCAWgWTkrSVcuI1ISbUFBdI8Gbjt5_EAfFXCt15zv3TZfa_OCRnNYCynkKR9Joj6YE72O9v-EzaevZZ6BDCDXWhWtptXkuGRe1ch5aqxMlRFkQwaWzZdLfiiO_Ovt6JzViW2nWQBZ9ZX6zP9bkj0NOChB22ZVcRrKj1myo5YNqSaqq5o9L-O8OzJ4Nq4oNyFmkjkAtIP6YvyvkK_o5NHpVA1x35osKyFnJQaiqWHw6nU75NxbjlTm01_iL-_0-GdNBm0eXFMrhuYyBtZxNQ2oJgJuR6FnIbOOoR7pfjLnCf4Cjnsg_ux7gKeFR5ev378_LNmQMGc2fStwYXYKvlNy451fnX1BEIttiKoRaM9RuJL_Vc1GRJYLWZyPBNUF2cA50WrONccSdIoXK0buNIq-nhwx7IM023Tn6OQlqn-WVnIvuuvewMKgbd53DX8SwAE3sDgQvD3amblr8bKSVWkbVqOZOm8BylFfGVtO9SxGI7YT4PsAVaX-7D0Ac5PEZgi65VJTO5E4V8bYlWMjnSZngUGTxupzqKwqHpZp7zH-bpfJqkB31b0k_xt0t3jTP0CvKQRcd01dDnjiFWzrMNJ3dgPVOe030r_3N9qw7yuQ-c0VEHp792iAqkXK09VJ3vT8wd3uWV7FUfgVDBzCfz3dyWlLO_n5Fx-aE_MPHCIvomZRS5k0hE39meh59K1x5Qg-GDS7d87s1OE0wN0ijZhGNEW5gMAw75LYo8z-ajOfTkoku7wpDy9WFMyvN8daR7dw3f88ICwa2JeA7USDxdOMQLcxbAKK_aABlZMjqkZ3EIN0-IM4G_ZHXqqsEPlnxz2qquMpnPp17BAhoXXuWeXq5NC8SJzdl8bBn9xgFAr4JU0rEIgU5YSYVUhMqkF9vIRHi29xaF8jmP-viotaDHnwPHTX_bhoChHq9qFXyqP1d7IIVC9uLUliiyyK2j6ujqFuieDfN7LaZUDgL64eplanqsDaaezTfaRsO3hU2g

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 3896 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A66F 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=1545968005273559&bg=!VValVhLNAAY6OBv_Ojg7ACkAdvg8Wh8hIldFYEG5taaMzd2AUPdSi7kEmxPDVts16dKjqYwEpRhn-gIAAABuUgAAAANoAQcKAAKqVpkC8su3P4eJXhMDOVPu3qNAytAY7p-bkGAq627jVjlUiTCnNgI9uND5kGut2XLlIlv9Dw5ISQlUNZpiV7iA_GhGYW9bzFMhQvT37didb3PdFqjaq1ohYka0jvsdU-QnMeGIAXprBIYVhwzMQJbQl4pSsnrgmkwZASTBWuXOUEjjuRTz4PzXS7nrRi_DTlZJ--_4vV4LbgQn3bNddmXMeIJe5jglWSC-Kja__4MeXl-W53uEIp_-N_nOXn8a-GTKJCcJYM1tO9yHCk4EtrsQxyqt6FTY4tu07PxIRPgmi6HFw8vzTQSd0eVtd_v9zFMiy7r-bHNJmOrWZGFEJWm-28n2bb14O1o_p0TMLDYzmph6G5Xz8C5SrWVThNKCIO4PoKT_hLudI1KLv-KUdwaIVOnLK7YtxxDHsoShGR5vpCIntGqv6nw5iLO8gAHXar8DW5YA5HTHHUXqZ6Nuq7GyLAmN5Sfc7zulx250qW2Oh8mlUMrJi0_qKTiSwDqLLidT-tTOR669Xu5B9zp8Ip5wXbAADXoRaLwL-YhWKt_dbAz-rZolKS2KMDgmoLi1MsxnK9BA2LrSNOwF7gCbRnNUWvsiv8b5sRbN25ch6zvAY3edSTlObkT44FBuEct3b_uWNFZVtIqLZvNs6f3h7afn-7BZYg8wHg8rG8Per4waa0MF9TwqplIiJ5I-Tc3eg4fgW-10gP9fxLpO9mJNEl8yQr1nuE8x14rmHkt2XJzC4VhTKuUmEBECzoqg6jFvAcwtw9-hSjH4MWXKDID1cZqkO8BP2Gz6Spje-xrfTx4b7iVInCQ2l4_vy_Qj_lSX4zSfb4fHEYcnN4QumKY45xU9BjpmnDN0Yr6p1LhTDSMA4JtigCzl_OozkxOdNyfodDP7Xm3975OOdE37R-uLv-Uv870wkKJGF2RIa3Pcf6_DqoNY5bqnwEn3ULiLuLAqFoyc3HUchyPoEzgixLNVYzJHH_VbBGIO1aNrI5WF1X5EhB7mb8BnFLk

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF3F 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxz2DN9c75_gJGAQMQS4ct-fDYvmGrrDpWDZmlebN7_MTJ3yjUGDt9lbYFEdTH6eA07BuryMiG6rXMcrvICaZScee1nR7MSvvfCVF_9PjmPn0ph9BT&sig=Cg0ArKJSzP6XGjJR6PzCEAE&id=lidar2&mcvt=1000&p=217,315,467,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=4225142424&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643376545657&rpt=636&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E54 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutjoCVnSxoN8j7beKc9gFCMZHenOXCKqdKzBGWMdWoMJV66YMkZ4M3I3-Br6S9IiYy5n4RAGfy26n8G_rbCeHd8LnsTpOajS4PwJLQAFuKqYxaxdvp&sig=Cg0ArKJSzNAJ79ivjoksEAE&id=lidar2&mcvt=1001&p=573,315,663,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1333508004&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643376545660&rpt=659&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A66F 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW4ybH4rURHr5qD8PzyW-zNk2xh27IABc7DK4616k7l6evzR0vIBBsGTLKWSUbbItqRN1D6PFe34tPEozrkdC9PuHtiJBWlM-v1HDDCZ4QKexN25f-&sig=Cg0ArKJSzNQ5RH2ovxZYEAE&id=lidar2&mcvt=1000&p=1141,315,1231,1285&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.66&if=1&app=0&itpl=19&adk=3773986693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643376545663&rpt=702&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 352A 0
735 B 55ms
54ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 13:29:07 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 69dbc63b-5dcb-4ad7-95a3-06ceffdcb82f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 87053707 Show response
mc.yandex.com/webvisor/ 43 B
247 B 306ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87053707?wmode=0&wv-part=1&wv-hit=931952479&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&rn=403928490&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1643376548%3Aw%3A1600x1200%3Av%3A741%3Az%3A0%3Ai%3A20220128132907%3Au%3A1643376545693577960%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643376548&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:08 GMT
last-modified: Fri, 28-Jan-2022 13:29:08 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.sharing.wtf
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 13:29:08 GMT

POST
H2 200 87053707 Show response
mc.yandex.com/webvisor/ 43 B
85 B 31ms
31ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87053707?wmode=0&wv-part=1&wv-hit=931952479&page-url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&rn=450358701&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1643376548%3Aw%3A1600x1200%3Av%3A741%3Az%3A0%3Ai%3A20220128132908%3Au%3A1643376545693577960%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643376548&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:08 GMT
last-modified: Fri, 28-Jan-2022 13:29:08 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.sharing.wtf
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 13:29:08 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 78ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sharing.wtf%2F&domain=www.sharing.wtf&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sharing.wtf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sharing.wtf
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1570
date: Fri, 28 Jan 2022 13:29:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sharing.wtf%2F&domain=www.sharing.wtf&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=WJmYWXxFRkZkK1dGYnFkYy8vdWRCZFNDMkxoNlVYNGFJb050NkZtampFZWg2RWU2N1o0R0c1QjhkSWNIZTE3MDdJbmZnSjJ6SkwvTnB4L0Q3YjNpcFA2ZVNocERFTUVmazdHRmpLaXVjTFRUQWg1cTB1bW1UNGlyY1BiUX...

358 B
620 B

46ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WJmYWXxFRkZkK1dGYnFkYy8vdWRCZFNDMkxoNlVYNGFJb050NkZtampFZWg2RWU2N1o0R0c1QjhkSWNIZTE3MDdJbmZnSjJ6SkwvTnB4L0Q3YjNpcFA2ZVNocERFTUVmazdHRmpLaXVjTFRUQWg1cTB1bW1UNGlyY1BiUXI0VXl5MlhhWlZZWlg3aERybnpJNHorVHRNZnFBMThtWGFTa0JwSkpHaGkrY2YzdnpVUXVHYTNYY3NnVk1LbWh1bGVMam1qS3BFeXBpSmlzL1NlWFhzOEttUHZUd3ZmQTFSTDdoSXJaWlBNZVZ5cEdRQXJvPXw&cppv=2

Requested by

Host: www.sharing.wtf
URL: https://www.sharing.wtf/add59dc0f1bb3f17

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2688ac58d937ca646a28fbe551f8c9ab0529d14dc90941ad56183cfb69a641bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sharing.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:08 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2430
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 13:29:08 GMT
location: https://mug.criteo.com/sid?cpp=WJmYWXxFRkZkK1dGYnFkYy8vdWRCZFNDMkxoNlVYNGFJb050NkZtampFZWg2RWU2N1o0R0c1QjhkSWNIZTE3MDdJbmZnSjJ6SkwvTnB4L0Q3YjNpcFA2ZVNocERFTUVmazdHRmpLaXVjTFRUQWg1cTB1bW1UNGlyY1BiUXI0VXl5MlhhWlZZWlg3aERybnpJNHorVHRNZnFBMThtWGFTa0JwSkpHaGkrY2YzdnpVUXVHYTNYY3NnVk1LbWh1bGVMam1qS3BFeXBpSmlzL1NlWFhzOEttUHZUd3ZmQTFSTDdoSXJaWlBNZVZ5cEdRQXJvPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sharing.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1742
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
533 B 39ms
7ms XHR
application/json 51.89.7.202
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456493/hb_483572_13220.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p37.id5-sync.com

Software

Resource Hash

c38b1b8ee8cf8b9321d49726d014f0f49c34f580d8fd1bd69b44a8ecd52a7826

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sharing.wtf/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.sharing.wtf
Date: Fri, 28 Jan 2022 13:29:07 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 58ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1033
date: Fri, 28 Jan 2022 13:29:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: asset.pagefair.com
URL: https://asset.pagefair.com/measure.min.js

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Domain: udmserve.net
URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=16890&sizes=970x250%2C1x1%2C970x90%2C1x1%2C970x90%2C1x1%2C728x90%2C1x1&version=3.5V

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?r6k3_w

Verdicts & Comments Add Verdict or Comment

311 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sharing.wtf/	1970-01-20 02:53:36	Name: filehosting Value: g488miifvp5mkfq6qp3i7gpde2
www.sharing.wtf/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 0a5a58aa-a032-48b0-816d-0628326a010a
.dtscout.com/	1970-01-20 00:29:41	Name: m Value: 1
.dtscout.com/	1970-01-20 00:29:54	Name: b Value: 1
.dtscout.com/	1970-01-20 00:29:50	Name: oa Value: 1
.dtscout.com/	1970-01-20 02:53:36	Name: df Value: 1643376544
.sharing.wtf/	1970-01-20 18:00:48	Name: _ga Value: GA1.2.85046236.1643376544
.sharing.wtf/	1970-01-20 00:31:02	Name: _gid Value: GA1.2.649586026.1643376544
.sharing.wtf/	1970-01-20 00:29:36	Name: _gat Value: 1
.sharing.wtf/	1970-01-20 00:29:36	Name: _gat_gtag_UA_6843703_13 Value: 1
.quantserve.com/	1970-01-20 09:59:50	Name: mc Value: 61f3efa0-602b5-11253-0c85d
.sharing.wtf/	1970-01-20 09:54:05	Name: __qca Value: P0-201589705-1643376544350
.adtelligent.com/	1970-01-20 02:43:31	Name: vmuid Value: 9809ff5c72b42e0b
.infolinks.com/	1970-01-20 18:00:48	Name: cuid Value: 37764c15-78cd-4789-990f-d1ca4c079df3
.yahoo.com/	1970-01-20 09:15:34	Name: A3 Value: d=AQABBKDv82ECEN8YMb9C_tP12ogQD9-i5lMFEgEBAQFB9WH9YQAAAAAA_eMAAA&S=AQAAAghlG2uAK4yWnHa3jxKIYl0
.casalemedia.com/	1970-01-20 09:15:12	Name: CMID Value: YfPvoJsZWiVRQjrxszxMMQAA
.casalemedia.com/	1970-01-20 02:39:12	Name: CMPS Value: 3276
.adnxs.com/	1970-01-20 02:39:12	Name: uuid2 Value: 7422828097157295699
.pubmatic.com/	1970-01-20 00:31:02	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 02:39:12	Name: CMPRO Value: 1116
.casalemedia.com/	1970-01-20 00:31:02	Name: CMST Value: YfPvoGHz76AA
.pubmatic.com/	1970-01-20 02:39:12	Name: SyncRTB3 Value: 1644537600%3A220
.pubmatic.com/	1970-01-20 02:39:12	Name: KADUSERCOOKIE Value: C1557ACB-64D5-45E5-90CE-183E15D1D3D2
.360yield.com/	1970-01-20 02:39:12	Name: tuuid Value: 4a1e42c2-362a-4dab-90ad-9fbb714158c7
.360yield.com/	1970-01-20 02:39:12	Name: tuuid_lu Value: 1643376544
.advertising.com/	1970-01-20 09:16:38	Name: APID Value: UP433929bf-803e-11ec-93aa-064c62b4fd54
www.sharing.wtf/	1970-01-20 01:12:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sharing.wtf/	1970-01-20 09:15:12	Name: _pubcid Value: d18e2bba-3e99-40c7-bf5e-2bbb6a7f0328
.turn.com/	1970-01-20 04:48:48	Name: uid Value: 2955104588892394069
.analytics.yahoo.com/	1970-01-20 09:16:38	Name: IDSYNC Value: "192u~22x1:18xp~22x1"
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP433929bf-803e-11ec-93aa-064c62b4fd54
.yahoo.com/	1970-01-20 00:31:02	Name: APIDTS Value: 1643376544
www.sharing.wtf/	1970-01-20 00:29:40	Name: _gauges_unique_hour Value: 1
www.sharing.wtf/	1970-01-20 00:31:02	Name: _gauges_unique_day Value: 1
www.sharing.wtf/	1970-01-20 01:14:14	Name: _gauges_unique_month Value: 1
www.sharing.wtf/	1970-01-20 09:15:12	Name: _gauges_unique_year Value: 1
www.sharing.wtf/	1970-01-20 09:15:12	Name: _gauges_unique Value: 1
.adsrvr.org/	1970-01-20 09:15:12	Name: TDID Value: 5ea1bb03-98b3-4cdb-afcc-0b5b1da817e5
.infolinks.com/	1970-01-20 02:39:12	Name: ANUSERCOOKIE Value: 7422828097157295699
.cpx.to/	1970-01-20 09:15:12	Name: cpSess Value: 987e188821d4e88
.cpx.to/	1970-01-20 09:15:12	Name: dsp_app_nexus Value: 7422828097157295699#1643376544695
.infolinks.com/	1970-01-20 00:31:02	Name: IXUSERCOOKIE Value: YfPvoJsZWiVRQjrxszxMMQAA&1116
.adsrvr.org/	1970-01-20 09:15:12	Name: TDCPM Value: CAEYBSABKAIyCwjgmfepnJuxOhAFOAE.
.yandex.ru/	1970-01-20 09:15:12	Name: yandexuid Value: 9851751031643376544
.yandex.ru/	1970-01-20 09:15:12	Name: yuidss Value: 9851751031643376544
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2090693351643376544
.yandex.ru/	1970-01-23 16:05:36	Name: i Value: u7NcoWKfQ0AUAGwgj7K6Iu96quOjUsYf+bVAKh6TV93yFdbEShYmm9cMFBDvO4ZJtEma77Nnhp9iBrS1Jl7WuzNaI04=
.yandex.ru/	1970-01-20 09:15:12	Name: ymex Value: 1674912544.yrts.1643376544#1674912544.yrtsi.1643376544
.sharing.wtf/	1970-01-20 00:29:36	Name: _gat_gtag_UA_182103897_1 Value: 1
.1rx.io/	1970-01-20 09:15:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003%22%2C%22nxtrdr%22%3Afalse%7D
.doubleclick.net/	1970-01-20 09:51:12	Name: IDE Value: AHWqTUk_rAuuhqSx9F1gEYt6N3jlVROasNVSxWBN01ZXNEgecSK24jb5aFoGlwMwric
.sharing.wtf/	1970-01-20 09:15:12	Name: _ym_uid Value: 1643376545693577960
.sharing.wtf/	1970-01-20 09:15:12	Name: _ym_d Value: 1643376545
.infolinks.com/	1970-01-20 00:29:40	Name: IMDUSERCOOKIE Value: 4a1e42c2-362a-4dab-90ad-9fbb714158c7
.lijit.com/	1970-01-20 09:15:12	Name: ljt_reader Value: 53b284b48c0a37e4d1f462d2
.casalemedia.com/	1970-01-20 09:15:12	Name: CMRUM3 Value: 2d61f3efa02760CAESEJT4eydYXM7Bgx85hxSI35I&bc61f3efa005a00&1a61f3efa005a0&0461f3efa027602955104588892394069&f161f3efa005a0&e661f3efa02760&2761f3efa00b40&b061f3efa005a00
.mc.yandex.com/	1970-01-20 00:29:37	Name: sync_cookie_csrf Value: 2647468414fake
.sharing.wtf/	1970-01-20 00:30:48	Name: _ym_isad Value: 2
.infolinks.com/	1970-01-20 00:31:02	Name: VRUSERCOOKIE Value: y-5dG0rxhE2uEaHuUQe0RHbA7Ek4_z0tgICZFqR5U-~A
.targeting.unrulymedia.com/	1970-01-20 09:15:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003%22%7D
.mc.yandex.ru/	1970-01-20 00:29:37	Name: sync_cookie_csrf Value: 2522708035fake
.betweendigital.com/	1970-01-20 09:15:12	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 09:15:12	Name: tuuid Value: 97edbd2e-d724-511c-b571-16e5d482f945
.betweendigital.com/	1970-01-20 09:15:12	Name: ut Value: YfPvoAALtBiFwlQaNwophBQOcp5ythzIh11rbw==
.betweendigital.com/	1970-01-20 09:15:12	Name: ss Value: 1
.betweendigital.com/	1970-01-20 09:15:12	Name: unm Value: 1
.infolinks.com/	1970-01-20 00:31:02	Name: OUTHUSERCOOKIE Value: y-g9rraANE2uGLyvB5BPknAO8BJtXiOKfS~A~UP433929bf-803e-11ec-93aa-064c62b4fd54
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s859\|YfPvo
.yandex.com/	1970-01-20 09:15:12	Name: yandexuid Value: 9851751031643376544
.yandex.com/	1970-01-20 09:15:12	Name: yuidss Value: 9851751031643376544
.mc.yandex.com/	1970-01-20 00:31:02	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 325373541643376544
.yandex.com/	1970-01-23 16:05:36	Name: i Value: ZQKOiawV1nWBCQXdO50Nivdwxu4GoGhHlPHJH7Hq7XCIUOEoP1cf8JQsNWSruOE3TBKCBpGp7Go0Ti6QW8mHfFi05HA=
.yandex.com/	1970-01-20 09:15:12	Name: ymex Value: 1674912544.yrts.1643376544#1674912544.yrtsi.1643376544
.infolinks.com/	1970-01-20 00:31:02	Name: R1USERCOOKIE Value: RX-ffe35f99-d972-4e4b-98b5-a63be27db230-003
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjKxMDQ1MbQ0NxbiM9R1CvWoyiy3tKwq8PIBAKWHiUYlAAAA
.rfihub.com/	1970-01-20 09:51:12	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmJsbG5mamJiaWoJAAFkCfsQAAAA
.rfihub.com/	1970-01-20 09:51:12	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjKxMDQ1MbQ0NxbiM9R1CvWoyiy3tKwq8PKR4jU0AyoxNzM1MbE0tQQAeXrEaDQAAAA
.sharing.wtf/	1970-01-20 00:29:38	Name: _ym_visorc Value: w
.infolinks.com/	1970-01-20 00:31:02	Name: SOVRNUSERCOOKIE Value: 53b284b48c0a37e4d1f462d2
.infolinks.com/	1970-01-20 00:31:02	Name: ZTUSERCOOKIE Value: 5107433822481541973
prebid.a-mo.net/	1970-01-20 09:15:12	Name: __amc Value: 1_1643376544_1643376544
.udmserve.net/	1970-01-20 09:15:12	Name: udmts Value: 1643376545.0
.udmserve.net/	1970-01-20 09:15:12	Name: dt Value: 855C9CB9-A138-3CD5-A49C-291DE9F5DE52
.rubiconproject.com/	1970-01-20 09:15:12	Name: khaos Value: KYYFYPQ1-24-M24P
.rubiconproject.com/	1970-01-20 09:15:12	Name: audit Value: 1\|vAET2ryzqEH7C4E21nNW7D5APvdogVCbaTd6KyMQnat7y9GyzaExIUvnyAHD9iwQTEJLASlHcx6SzbVYhuy+9CYbB5SW5XQ3vWRd+B4fy7Gma+WVcS1g3g==
.pubmatic.com/	1970-01-20 02:39:12	Name: PUBMDCID Value: 1
.pubmatic.com/	1970-01-20 00:31:02	Name: pi Value: 156872:3
.pubmatic.com/	1970-01-20 02:39:12	Name: chkChromeAb67Sec Value: 3
.infolinks.com/	1970-01-20 00:31:02	Name: KADUSERCOOKIE Value: C1557ACB-64D5-45E5-90CE-183E15D1D3D2~1643376631754
.sharing.wtf/	1970-01-20 09:51:12	Name: __gads Value: ID=9f548a3ca288acc2:T=1643376544:S=ALNI_MaGuiWaAb62C1TmUPiJQT8qFX6yLg
.infolinks.com/	1970-01-20 00:31:02	Name: PUBMUSERCOOKIE Value: C1557ACB-64D5-45E5-90CE-183E15D1D3D2
.sharing.wtf/	1970-01-20 09:15:12	Name: fc Value: %7B%22NDI0fjY0MDI4Ml82NDQyNzY%22%3A%221%3A1643376545449%22%2C%22NDI0fjY0MDI4Ml82NDQyNjQ%22%3A%221%3A1643376545759%22%7D
.sharing.wtf/	1970-01-20 09:15:12	Name: pv Value: %7B%22c%22%3A%221%3A1643376545450%22%2C%22d%22%3A%221%3A1643376545760%22%7D
.infolinks.com/	1970-01-20 00:30:43	Name: tv Value: \|NDI0fjY0MDI4Ml82NDQyNzY~1\|NDI0fjY0MDI4Ml82NDQyNjQ~1
.adnxs.com/	1970-01-20 02:39:12	Name: icu Value: ChgIzYVEEAoYASABKAEwot_PjwY4AUABSAEQot_PjwYYAA..
.sharing.wtf/	1970-01-20 09:51:12	Name: cto_bundle Value: NbNNfV83T1ZLelVZWWlVd3VwWTdyTE5mblZNSTR6cTZxZVFBa1U4SVR2N2ZXT2hpT2JRUEFzQURlbkw0cmRoUzd5ZHVraSUyRjhybG9BVFFmNEpJY0klMkZFM1QlMkJTbWlXaiUyQnZ6RGZwcmdkN3lPcm1HeFl2Mm5uJTJCd084eFVyVzlqejlQd1FVT0k
.sharing.wtf/	1970-01-20 09:51:12	Name: cto_bidid Value: 14HHd183QlBaRFl5YiUyQllsVXdOUCUyQldXRzZ4cEdWQWNPbGNmUmpGZkxhanhIclBDQWxNZUY3QUJCY0RjelFRTEE4TnFaQnclMkJvNk80JTJGbXYzJTJGbUVpdHBUYmw3cWclM0QlM0Q

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.sharing.wtf/add59dc0f1bb3f17(Line 72) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://asset.pagefair.com/measure.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&adk=1812271804&adf=3025194257&lmt=1643376544&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544271&bpp=3&bdt=438&idt=203&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2661221419720&frm=20&pv=2&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=250&slotname=4212251255&adk=1915298160&adf=180725892&pi=t.ma~as.4212251255&w=300&lmt=1643376544&psa=0&format=300x250&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544275&bpp=1&bdt=442&idt=236&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1057&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UfSG1qzyst&p=https%3A//www.sharing.wtf&dtd=239 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=8551670060&adk=2848899565&adf=2390466099&pi=t.ma~as.8551670060&w=970&lmt=1643376544&psa=0&format=970x90&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544275&bpp=1&bdt=443&idt=243&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ffisqc19Q0&p=https%3A//www.sharing.wtf&dtd=246 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=9968197390&adk=3830745838&adf=4191892778&pi=t.ma~as.9968197390&w=728&lmt=1643376544&psa=0&format=728x90&url=https%3A%2F%2Fwww.sharing.wtf%2Fadd59dc0f1bb3f17&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376544274&bpp=1&bdt=441&idt=221&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2661221419720&frm=20&pv=1&ga_vid=85046236.1643376544&ga_sid=1643376544&ga_hid=1026272061&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=243&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=1508229664283361&pem=222&tmod=833462900&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lqcC0M5GD3&p=https%3A//www.sharing.wtf&dtd=227 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.sharing.wtf/add59dc0f1bb3f17 Message: Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=16890&sizes=970x250%2C1x1%2C970x90%2C1x1%2C970x90%2C1x1%2C728x90%2C1x1&version=3.5V' from origin 'https://www.sharing.wtf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=16890&sizes=970x250%2C1x1%2C970x90%2C1x1%2C970x90%2C1x1%2C728x90%2C1x1&version=3.5V Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=250&slotname=3546254966&adk=2426902379&adf=272530241&pi=t.ma~as.3546254966&w=970&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545911&bpp=10&bdt=197&idt=204&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=6010198991580&frm=24&ife=3&pv=2&ga_vid=1179723932.1643376546&ga_sid=1643376546&ga_hid=550439547&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=4236235423&scr_x=-12245933&scr_y=-12245933&oid=2&pvsid=3495137589013993&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uk51gz9qoppm&fsb=1&dtd=228 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=3546254966&adk=3041473798&adf=272530254&pi=t.ma~as.3546254966&w=970&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545926&bpp=9&bdt=206&idt=245&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=4357060650104&frm=24&ife=3&pv=2&ga_vid=389439626.1643376546&ga_sid=1643376546&ga_hid=1780539547&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1548298141&scr_x=-12245933&scr_y=-12245933&eid=31064201&oid=2&pvsid=1113210353644179&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.imzt2kadl8wn&fsb=1&dtd=264 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5945208862215231&output=html&h=90&slotname=3546254966&adk=2834947142&adf=272530252&pi=t.ma~as.3546254966&w=728&url=https%3A%2F%2Fwww.sharing.wtf%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643376545989&bpp=6&bdt=260&idt=221&shv=r20220126&mjsv=m202201200301&ptt=5&saldr=sa&correlator=74279130059&frm=24&ife=3&pv=2&ga_vid=567113236.1643376546&ga_sid=1643376546&ga_hid=1338826182&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1576167272&scr_x=-12245933&scr_y=-12245933&eid=44753656%2C31063221&oid=2&pvsid=1723598639359452&pem=999&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.8tqupiulh9yx&fsb=1&dtd=238 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a99e0051ac7551d76a227d9d6923929.safeframe.googlesyndication.com
acdn.adnxs.com
acdn.flickstree.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.remix.es
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
api.adinplay.com
app.dirrrtyremixes.com
app.dirrtyremixes.com
app.playstream.media
asset.pagefair.com
b1sync.zemanta.com
beatportmp3.com
c263c22cb645df46d77a2c2dac4270b5.safeframe.googlesyndication.com
cdn.jsdelivr.net
cdn.tynt.com
check.fraudscore.ai
cm.g.doubleclick.net
cpm.adsolut.in
de.tynt.com
dirrty.remix.es
djpool.net
dm.hybrid.ai
dmx.districtm.io
dsp.adkernel.com
dsum-sec.casalemedia.com
edmfresh.com
fastlane.rubiconproject.com
foremedianative.com
freshremix.net
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
mc.yandex.com
mc.yandex.ru
mp.4dex.io
mug.criteo.com
node222.impressionssl.adshop.infolinks.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel.advertising.com
pixel.quantserve.com
platform.foremedia.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubads.g.doubleclick.net
resources.infolinks.com
router.infolinks.com
rt3016.infolinks.com
rtb.adentifi.com
rtb.adxpremium.services
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
s7.addthis.com
scenedl.org
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.go.sonobi.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.dtscout.com
tpc.googlesyndication.com
track.gaug.es
traxsourcemp3.com
u.openx.net
udmserve.net
ups.analytics.yahoo.com
waust.at
whos.amung.us
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.sharing.wtf
z.moatads.com
asset.pagefair.com
sync.adtelligent.com
tpc.googlesyndication.com
udmserve.net
104.16.190.66
104.18.29.199
104.36.113.17
104.36.113.24
135.125.163.79
141.226.228.48
142.250.186.130
142.250.186.98
147.75.61.140
15.197.193.217
169.197.150.8
172.66.42.247
172.67.166.245
172.67.218.209
174.137.133.49
178.250.2.146
18.157.252.145
184.30.24.121
185.184.8.65
185.33.221.53
188.42.29.166
193.0.160.129
198.47.127.18
199.212.255.244
2.18.232.130
2.18.234.21
2.18.235.40
2001:678:cb4:bbbb::11
209.54.180.144
213.19.147.44
2600:9000:2156:2e00:6:44e3:f8c0:93a1
2600:9000:224a:8600:8:3ed5:e880:93a1
2602:803:c001::200:194
2606:4700:20::ac43:4739
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:d9ad
2606:4700:3031::6815:dbb
2606:4700:3033::ac43:959f
2606:4700:3035::6815:14df
2606:4700:3036::6815:5164
2606:4700:3036::6815:5ca8
2606:4700:3036::ac43:deda
2606:4700:3037::6815:3471
2606:4700:3037::ac43:ce2d
2606:4700:3037::ac43:cf77
2606:4700:3108::ac42:2b42
2606:4700::6810:5514
2606:4700::6812:372
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:6b8::1:119
2a06:98c1:3120::7
2a0c:5c81:5142::2
3.126.56.137
3.251.21.8
34.98.64.218
37.157.4.40
37.18.16.22
38.27.122.101
45.133.44.3
5.178.65.246
50.31.142.31
51.38.120.206
51.89.24.69
51.89.7.202
54.196.80.103
54.228.102.236
54.84.55.94
67.202.105.23
67.202.105.33
67.202.105.34
67.202.114.214
69.166.1.10
72.251.249.9
75.2.4.128
77.245.57.72
78.46.217.123
88.99.215.229
00cc4b8ae6453104d22d9565039968cc2783db8fab51849c34897c21462dd8e8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e888c04b8bc98d0fb7eb7861f42ca72db696d137f05f05c5ae454d1bdf3c3b
01a2818bad367d74f0e4ae4450445816dcd212911c888331d75f9edc3f4ddc70
0373cfa5cce3be91364a2dd7e643f84369704b4b8bebf06cb8d4b68b5d882832
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0598dd3e4f64e38ef01882d8f3d8e1956e4bbb52c5a7fc02fdb6a5d9d1791956
070d79e27bc70b05b1059445da1d1cd16d2b14c21676312c31604404a847b112
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
10815e9b5addf60315886f7216b0530fd58fa8580ca6a81687f14ffee517c619
126f0de97cfcba019f4e8d55dba5189e721cdaf9b62fe23f25aa5494d3f7d19c
13e568e8d8a410012d90bc0eb9a6807cdefd7978cdf06c72cb0929236c79abad
14fbd94cbc204ce4a730c765b0aa050d038555551e7c98bf4efb28db087d4529
15479ef5a4c3308a3c3acbdb1841035df455d9b7e6f2acec6d29ec9aa1df246e
165edab02224e989f70df304bec51017f29c55aa9309fb2d136fcdd3a1fb7c7a
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16e2160edd23e7985f423751d9d261f8593c0d71f89fa012c3cf0e3b47e652be
192e4e1e6fdab2d62997b5dc6b6db5f625e8b869843f17714b2cd84344668f40
1b07df7275d5ca2bf972ecd5f217a7caf1e55f93ac32d26454a6a11a9078be71
1b79c991df0552998e0cb890f6de7b47e74b3e01f208a566ee90db1ea2f8c0a8
1b87009e8f8dbf0c8fcf578961f7292e78d19960eb513624c6cc4503f24dfd2c
1e862362b97bbf331176142e8102ead2463aabf19ccf249ea30907f4902b0cb6
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
217bffe44b964e10fe120949b9a143b665a8c03a57ab348713de7d8b2878345e
233a048b5eab2ecc75e2f72bf9a65de6ac06e697746156ade5b144305d76ca3a
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
2688ac58d937ca646a28fbe551f8c9ab0529d14dc90941ad56183cfb69a641bf
282cad9f87f0679d70cb4a8e31d8b294d0caadfc7442717538572f5b1aa31cba
288eecb154bbc708dbeabb9ae90e2d04c420f5b0b7c2f7baa52564650829df34
28e8848a7288d1bd5064b6e5deb78cf39627f627c683c19327679421495c0906
2bb4b6318510e8591ad23a2c2a5dc2b3bf1c9a7f0dc31ae70c62377a17877dd7
2d6f1126fbf381ae50f1264f82d5d2c55c400067557abf21387ab4c72af624cf
2d9574ce1b6890bd6ccf1ef3d04fe1328f35c5bbced7b6b331459119ef4fe480
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f040bf83eb349e3cdccb65c43000e2ecd4928348e3c82cfb5c9f4e9b94babac
2f2bcb0b842f3ed514ec601e5e72386ad0ed0c348a3ad505a0846ccacbc34834
31cf1db69eaf84cb88cd1efd33c7346f8257bfea088837a62ccdefa96efff7d0
33439b0e4aaf1a05e869609e0b43eed3173ac103afac8a4376a1f3c55bf56678
338a6aa64adcedd95491fa3834f0c37e924cddaa65f42f6956a125a582b143e6
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37be654a36cfd07acf97729e3ab480317dc2644c152bfbebd36376ead8dbde47
383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3a837873b3c174524e190a4c9a9bf52379cac4d2822bb5e524c60df2d9d15abd
3ca419a1c3a0a256fd1c875eafb2e94ef162e2f0920596a831eb6f23d3795b44
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dea43c9b2452e3fedc3cf41878835f46ab48e52e9038d2bceb2443c5dc7b98e
4169826fbd9498dd3ae10be5ecf126833055b3a2b4e224ae22a81139cc14bd2e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b2acd28a4bf0aedf47d73bbc69804d3ffe45c504eff20a5c11c4a26582e4a4
474156ec01bbea960ae3eda4515b79d33ea19f1aa7a585b6a0162ec03d5e2d51
476a15ddf507973fa5f641d6fb1b9b37b9c630a502fc43e74544cff4f7c72135
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3f67c68965b4076cc7bc531f648c3a15aa30c1b9cede0486afd4eb4353f8c1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56232ab3283e454489f0e3fe503cc511856b765c5566d5210aadacf81ba3fffb
569de589d8cef183783583db15262ecd761dc4ca47abd2645b2b475116fdb47b
56ae4a1f40523a959737a8f65dc36713ae7c7470c6273b2e357a182bed964449
57145af5e5b17fb3195d77a245a1b01c4dbdf1f7d9772967c5a6055a336dc82e
5ba99699e18309fa14c4963932307d90edcff6940afb5e99c9267f9c4856ec04
5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2
5eb35b0f3ef71b4f225145faa254ac5357eea3ab2657e24f589e40a408947c22
60ac8d682d62301186cc293d7d8261fd655b8b112a36a433209b6c8c35ed509a
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626a9fc0d4904d184d5de01f639caf95e1cb07f3dd287f3bc40aec20ac88263b
64604a28402fdf655fd995a7e9593171374f67e3f05ee2a92bc7d0c3909f69d9
64f908e2ffe891cb7649bf3036f8987d0a297352da146961f58212830887c456
6509182c223425566a7f4f3af7309442c2f8608e16046f6c53dd1f25a23daa08
65ca07333aae7a3e59fbb77cf883f58356fb5cd7ec1fd98894a2292a8f207c4a
6b80cc6bd4159ee9d40e84386c005b9042cb60f6c4dda34ed7d9df99d8a93013
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
703d8134b250ac28b8778fbf5855f56fde1878b9be631357735de689474c4440
71856c43c19b9468c42505f7acbe8a4e12bacb3c3c078dcc2d212cf7aa26a639
743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
755d33022faa2a301317f57104f9e3b27138fef9f84a3e285e07a1265ac702ad
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79db41bb706b2799a7d4ab3769fa0eeeddf32c504a5054be9b00f30622a9efe6
7c7be8510a4e0bbac1434c68594640e78798244126a2e5e57ca1fe25c1ff7beb
7ceea477adb1f1ce1a719a8f281e65e5cdd7ac2f37f2709a880c47336681d063
7e2d0277201932ca63537359ba595328cfee5eb8a2e3c39c1eef8f65c07f8032
7f87ee70e373d8752ac6ccdeded28ef1f9a3c9eda90ed5c480fb2e3034b47255
8109d839c097816638bda57ab12be8ba9451cdb88d64c5bf6426fd326151f3ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8362e39aba607c86620ec90e80362d94156610ceb0bb506b390952d1ac903534
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
84cc1b50e5e6f2984ad3e75988b1edf5a32e8020f746e0c36c5135c3605f9e8b
84da0acc29d0afd860c0cf50301a2b5e31ead305d5d57761729feeab036f1980
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
86d06f0e5f9de695408914746ded8bc3455d103eeedcc157750273d2d3ab6c0a
86d0ae5ece3f8698ae121611ce572c19516a37840350f93a8862a2381300e607
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4
894fd647f2a17bdf254524c692f3a1dd41a6bce24f4349a9b76e4ffa9f9115df
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4a269d0a2178b485f9a4428eb0f49f942e583ca6e24a4926a86744633d5d7d
8fa669071ed5fb03e9954ba360885e7ba95fb77ae5448dfc313c3c01202b46aa
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
9509c1e67bedbaded059d0aa8d5cee65cee3c9e3f43a5952a7a233cbc10810ae
96685c626a38c1f3d67f960ea5df55804239ffd14dd20e4f07e1e6b3616f234f
9885d288a75dd98489c1c64d899fee8551928f80c259c4f88d4d7f6d3ef51940
9898b7091f5cfef072855ea4916faa22ae29041ee5bbf211f752e53e2d20a15c
9930043ffb4753c135a12f6be97e24ef56fdfd5aaf1af6a204d99937a7ba8ef2
9a6e94bd20712d563b536fbbeed0ec51909ef97a6e79a690cf830fa3c6aad074
9b36949876f75f2961b55a066b1f9695ec8c3772771d700e951736b1fba45cbe
9c9f251d98edd1208a6c45aee90ff4011ed964e87e8bb622ae7a45249f1dae43
9cfdf6a69d74950eb08e57c2fefa04a709935443156455cf4d96c640974d38f6
9df5999aa7a1d1cd7de83699ba024b9fdfa69caa982d27fc067bee7a24c0e94f
a0a9d7833775e69429b74f5998f2bc54b0d366217d9b65c609b20eb0e6137fed
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10d5f8325553e96dc757de567977c5c5a6d53197cf2985080da090de90d8956
a13ef8fb367cf3402ee10ae08364d3213444b74c16e0f5f58ccb06aa0f06a610
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a66e1f116f7a1960caa2ca0e0fe9a1c83541cda6b61bcc44fc7d2fed8841907c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79813d0ddba46deaac5a38d7a50f838d4999422e5d60fec3a5888c9394c9be2
a7bd1334f301c24ce594782077437f378992fa2d2608275a1e9bcfdcc9c9aea1
a813da18118eee96970a992296ba4f3487c9e8b80b25d9812775dd5debf1b80b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad56337270c6fd9a8e1eb1dfc162878e6b571c79cd9ea55d08ba8bcd0dc97ac6
ae167e7a780a2e610ee670604e522a8b11a40139c56a491e6eacbae1a4e25bec
ae6dd1a5a95983fa63ac01d5922fe25718afd7ba31989914dabb49091f07ce28
afff7cdd8f6f0ca43b26573840f5ec5d3302dc1fc2b2209a1163e3978c9d012c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b49885ee9e161e5595dfe428642255234d8d557c85699bb8bba72499717498c5
b53910d40ba2801ce5faee60b42204543b8c12dd569079aacfd6cd7c375d3a81
b9e2cfdc48e6588f31ae5677f5c2e7e23aaffb861ad27499f8a247771535ed30
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c
ba03cc685ee113c6a8bde68f5e37f74e8285d0da7bf3d50f916acec186e93edb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc28f4decaffac8127cbc295059a013c2e6017bb67226aafc132e0fb74ca7d1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c38b1b8ee8cf8b9321d49726d014f0f49c34f580d8fd1bd69b44a8ecd52a7826
c3d7e2388a1674492150a562d765710b7b189fbe00fe39d47c487ed82758789d
c3e51a32765a46a8bad6e474e93598a9673c13666080775d75444fc8f8c3da8d
c54dd84d49646c6fc88a5858160d2d4fb6b6b2a7896702eb7d0b9d370d121e21
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c61f114d3bcd037a92e53efc4229540bce30752ae1895b158fbf11ad8109a97d
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c7fe89a030ea54a29616f0a473366e07d109dfb775f2afa050c2de82e3606fba
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
cd018678d18af536476cf3ad07220604bb7d9ad7cc6d8ba7fbd743591802bf9b
cd60311b7f862c00d9e8355287503804d66b0143f1245cfb51785f6839e6480b
cd87cf36d9f35db800b433d20f5159731da93c14c68354058acdc51cb1a0bd58
cdaa1fa87ad83129b5cf578e4fa086ecf9af58ab1fb61cef96c1d432db239a63
cf42d4b9292667bd95276b66405d68ba67d30c91946724f10525579548cacac1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10d44d4a92b0e7019f127423dd660872a353e6dc5d9510c52706c709202f85d
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d334a1ed69f6d7b3308c0b95360ba399e877d8823aa210ac19672372296ad254
d3ffd57030c01c60c74807bc7891a20b752e1811d0a600a2045458a20c919558
d4b7b3386203ea7d49946c321ec9e297009d94ed1d49253cca2a0195cd1fca1e
d71599238e25608faec1d4fb7286e308dcf8322a66ec45f32a9c0a8ec808ba5b
d72616e59f2ba832c54a0e734cdf0a79cb8730f81a07b5de43864c15a240e221
d962d20dea200a9de2ff7539c2bb262c474a734888ddb19bb607e1c0dff9a20c
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
db17b8f931ce15c9ac70dae0f4ca9729e46c316bac58f96786b3edc73774fbac
dd451f4c6497debe481c082c5df0f6abd7aeadab1c3f96ec75b69f738edcdd53
de474c28c58934d333709003c8490c1ff3a5bdeab6d791c0b0ce64b61fa487f0
df0f530b4fc796956827f8dfcc834d99c51152f2dd8fcbccc5cc5e1c70083d32
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e04b7ddd992665c7257119c8cba87e383065d43e0072a777f46c405e7caf1b6a
e0fe5c88f296a605e17568d042762fbe8917d47cbff944f6e0b7beb12fa6dabe
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1df256eecdc5410c5b7e6cfc2195ffc2c6434eb01f67ec31059c9a4b6af39a7
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e354fc3b46b8e628749737188716e04705feca86feb0fd6d6768d15bbd16048e
e385aab54e8bbd8b5c33a8a02cca77054752ee4afc1acab435d449ca3d5e09c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e519487292cc8f7d22fc2ab346cabc47f3fe32f4cf73f3b2ac8933d246d98d7c
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
e9e72552a737ec5c82a320b2157f862ec401baa25f731d3fd1441297eb5e9cf3
ebf4e570b96d611fa540bb8745ba518a1005d50c4589a2c2cf3a60a97151a184
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06c0fff066adf545fea59e2370d816365dc0fcd293988611a43ae4d74bc3b47
f4b5fa539234afc2f04a8916f13a3ab973a82d4def74d62e46cbff04621255ba
f527d2ab3efc153a4408204447a221c269511593d05595f3ef28678663bdbffb
f62ddd1bda63fd5d45d1a23067b24c84dcd061fff8b58ebb0c9da60d5a80267b
f6626568ee243b737cdfc12efc464eb97d786bdcce590a0326427e11f360293f
f809de94a782db6c7c5bc85db8bc8f6b05b1a473f736080b3ea8377fd6ed35cc
fa77538239ff2758ff9fa8ef646cad3e9ca818dd13fbf15ff3ca8a8bee173c69
fb4a353f40732e4dd64d44525c2a22393cba70808417ce8e547f321544526f10
fb67b3893508d7a5e285d49bcbba927d3bc2b1afc44e95863559a70bada2f6df
fd8cc656a0db56dab25f34b2fb4ef4a06f1a86037843c84d868482c725fe08cc
fda80a344f493a216c0242e0b2c0e1ad9381c6124236e69d700d249b3b899098
fe7d59cd861fd1a20919f7373021f3f8c241343db5e5275669778df7b67bd1ba

www.sharing.wtf Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

324 Requests

92 %HTTPS

42 %IPv6

81 Domains

106 Subdomains

84 IPs

12 Countries

4020 kBTransfer

11136 kBSize

98 Cookies

22 Outgoing links

Redirected requests

324 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sharing.wtf Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

324
Requests

92 %
HTTPS

42 %
IPv6

81
Domains

106
Subdomains

84
IPs

12
Countries

4020 kB
Transfer

11136 kB
Size

98
Cookies

324 HTTP transactions
4 data transactions