dl.orangedox.com Open in urlscan Pro
52.39.32.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dl.orangedox.com/FamilyFeud
Submission: On October 13 via manual (October 13th 2022, 11:34:04 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 64 HTTP transactions. The main IP is 52.39.32.138, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is dl.orangedox.com.
TLS certificate: Issued by Amazon on September 20th 2022. Valid for: a year.

This is the only time dl.orangedox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	52.39.32.138 52.39.32.138	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
64	14

23 52.39.32.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-32-138.us-west-2.compute.amazonaws.com

dl.orangedox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	orangedox.com dl.orangedox.com	564 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	310 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	54 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	43 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668	365 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
1	gstatic.com www.gstatic.com	14 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	47 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	646 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	74 KB
64	12

	Domain	Requested by
23	dl.orangedox.com	dl.orangedox.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	dl.orangedox.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	cdnjs.cloudflare.com	dl.orangedox.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com dl.orangedox.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.googleapis.com	dl.orangedox.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	dl.orangedox.com
64	14

This site contains links to these domains. Also see Links.

Domain
www.orangedox.com

Subject Issuer	Validity	Valid
*.orangedox.com Amazon	`2022-09-20` - `2023-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://dl.orangedox.com/FamilyFeud
Frame ID: CEF7DE16B72C5D05DE95876F4B8C1305
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20190131/zrt_lookup.html
Frame ID: C852DE5C7BBA36B2B80FB2E780C06117
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034717561530911&output=html&adk=1812271804&adf=3025194257&lmt=1665660838&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdl.orangedox.com%2FFamilyFeud&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665660838683&bpp=2&bdt=1195&idt=95&shv=r20221011&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4337512658997&frm=20&pv=2&ga_vid=948572042.1665660839&ga_sid=1665660839&ga_hid=1721240974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773613%2C31070209%2C21065724%2C31068921&oid=2&pvsid=812274406780908&tmod=1196875680&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
Frame ID: E4B32A965E1D8D02A908A5CD519E0970
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 80BA4C1AFE79BEC925F953A4629E9507
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: 81433B722960200C9682EA9540B75261
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45A5B950B49813FA16ABCA31548089AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE049F1AA6938CBFF0E7866A6270A01B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FamilyFeud6.6.pptm - Orangedox

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

100 %
HTTPS

92 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

1111 kB
Transfer

2171 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.orangedox.com/publish/?c=viewer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request FamilyFeud Show response
dl.orangedox.com/ 8 KB
8 KB 1150ms
529ms Document
text/html 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 58e961f89ccb6bdf30ce733b0ce0e004a020622ca95ebd64667e0c5ee8a28e78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 7770
content-type: text/html
date: Thu, 13 Oct 2022 11:33:57 GMT
x-powered-by: Express

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 64ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 10:48:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 11:33:57 GMT

GET
H/1.1 200
OK fontawesome.min.css
dl.orangedox.com/a/css/font-awesome/css/ 89 KB
89 KB 187ms
183ms Stylesheet
text/css 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/font-awesome/css/fontawesome.min.css
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 6a779d23916e28decbabcb7a01acd0842d0532823c63c95934b7772ef2d9c41d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "dfba27b9ff39a40841f6d74021267b74"
x-powered-by: Express
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 91088

GET
H/1.1 200
OK regular.min.css
dl.orangedox.com/a/css/font-awesome/css/ 632 B
991 B 190ms
185ms Stylesheet
text/css 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/font-awesome/css/regular.min.css
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 7accee75e0a023ce7d08f70cedc4d0cdd6cd2caac5f5ab90b281c32ea2e6f3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "a80ed755e46c3cfe903bab5a50c1c2ce"
x-powered-by: Express
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 632

GET
H/1.1 200
OK solid.min.css
dl.orangedox.com/a/css/font-awesome/css/ 624 B
983 B 373ms
183ms Stylesheet
text/css 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/font-awesome/css/solid.min.css
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 0ae4eb2a13046f28af8d13d707ca1616bb236b0fd00d0784b14b423ad55950f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "ae6d5e1ee5483c00145805a48ea81573"
x-powered-by: Express
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 624

GET
H/1.1 200
OK brands.min.css
dl.orangedox.com/a/css/font-awesome/css/ 632 B
991 B 510ms
170ms Stylesheet
text/css 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/font-awesome/css/brands.min.css
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: c38354a04ff57716714e9c23080d41bb29ee8b89a18dc4c78e587270596e6920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:04 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "326321d2cbee63e93cb4c5d2821316a3"
x-powered-by: Express
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 632

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 50ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6106055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3058uK4SnaWWUJvSCs8n01nw233DCnX2cSaA%2BXxxSYH7wOcRuWY9Suky9Qj%2FbJBl05D%2FLATKUHAM4lD16Y5eG8HG%2FwjwAJ%2FpLssJIN5gynUc1k1p6ODEbEHyOQCff8o015JFxV6gDzXR9AoFdaB9d7i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7597c36a7c669bfa-FRA
expires: Tue, 03 Oct 2023 11:33:57 GMT

GET
H2 200 json2html.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json2html/2.2.2/ 7 KB
3 KB 48ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json2html/2.2.2/json2html.min.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef230eff897a6b97ec7c28925e6f37aa870b11b3f00eb5dc988cf282753c04ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7488425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2333
last-modified: Fri, 08 Apr 2022 23:06:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6250c000-91d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0e59ozzANKiz1vpMzQg4cDCkYt9nbudCnIAw71s4I%2BKEat5CWurSQ26wA66gHDe1zUghNvDAJM3%2BjBJqX9d0aMlW%2Bbf7GAkqPRCvgg4q4TRAWrNr0wRMvOZjoepeQlBMD90Y3XWaiKdZsMTD1hrGrOh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7597c36a7c6d9bfa-FRA
expires: Tue, 03 Oct 2023 11:33:57 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ 57 KB
17 KB 46ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2041427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16919
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7c5ca4-e5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2PRWrMagYqU%2F25PJPhe7NquA2blnwXojgQQGNGt30j3dj%2B6Q%2BuQEpqyVJzyl5JcgUjlc0vVcV%2F6k68SJRJ4QGTbG0k1ZGNjq9laAOPyalopjY1dZOca4a6KzvPIxgQYLAMx0K0SK5f5l6%2Fb8lGSdurU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7597c36a7c6e9bfa-FRA
expires: Tue, 03 Oct 2023 11:33:57 GMT

GET
H2 200 featherlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.13/ 9 KB
3 KB 53ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.13/featherlight.min.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd21104dc97db6fc980c0f12ba157f3cc9fddac84dde4367f02f6f9db05c13d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2046135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3183
last-modified: Mon, 04 May 2020 16:10:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e59-2404"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNxK62vwdCtfaAwdVRZdabhMHyAyOuwbV6MOsoQ7ZX5VUF3Q0%2FkMPGYoTVY6%2BLxt5zrzQDaaQgOfcDdxkLkxT5vrJ03N8x8BJD5wTwfXWBRL4oWhXjCOCvBqbwbLJhJ8QZn2ubUfHCGx1Ku2Zxr42w5M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7597c36a7c719bfa-FRA
expires: Tue, 03 Oct 2023 11:33:57 GMT

GET
H2 200 featherlight.min.css
cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.13/ 2 KB
1 KB 44ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.13/featherlight.min.css

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 724179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 599
last-modified: Mon, 04 May 2020 16:10:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e59-74c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkNF5mtkqR%2BwTbsPkU%2FHM1arTN1U4dsk2LUEEdYBZiU%2BUxMtDy1GEsZ8kvDGV6OHxftwOHsezdS9FR200y2NB33jR%2B8WSvR3f%2Bp7JwiO0Dp%2Fr7c4G%2B%2BQ8JRn1Oc3GX1SpDoEbuafF1BSakdQtp6LJQ3f"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7597c36a7c619bfa-FRA
expires: Tue, 03 Oct 2023 11:33:57 GMT

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/ 5 KB
2 KB 58ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1778763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1885
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-15a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fznMY3BPV2SzVrcm8ojtM71bDkE6bY5C0DtlZDsRTdZsZPlZuG3b2xsHW%2F%2BcCvAYlimKXFnJ7pjPPdhCz36DHOurBx%2BqEqcdRUG6z3S4oPHw5QS7ZPXm7Qlmmx5kl6iMODkmFzjWhqre20xP3mgoOH57"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7597c36a7c7c9bfa-FRA
expires: Tue, 03 Oct 2023 11:33:57 GMT

GET
H/1.1 200
OK date.js Show response
dl.orangedox.com/a/js/ 595 B
968 B 541ms
181ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/date.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 116cdbcc467d2a3e050b50705474d09668c0f5332d7144fa5704baa8a92498e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:18 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "fda06938ef7d15cf59227fa82a542aa9"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 595

GET
H/1.1 200
OK modal.js Show response
dl.orangedox.com/a/js/ 937 B
1 KB 557ms
184ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/modal.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 70be498b48b32a22cfb42215dcf7319379ee56038005d2d1206f96422d130302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "8efd1d643d0fb053c97be81c569fbff1"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 937

GET
H/1.1 200
OK notify.js Show response
dl.orangedox.com/a/js/ 528 B
901 B 680ms
170ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/notify.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 211315c5db020bce013003184286e80edf10dfeb13f62e29be162b442a994724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6bc39344da7c6fb35d4ccfaeb48b8ec8"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 528

GET
H/1.1 200
OK tailwind.css
dl.orangedox.com/a/css/ 45 KB
45 KB 698ms
349ms Stylesheet
text/css 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/tailwind.css?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: c7c2db7e03933e70364bdfcaa8d8ed1788b81757a414063b7a3fd0071f357426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "c74f455c06ec0d031c1d2588478cd130"
x-powered-by: Express
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 46047

GET
H/1.1 200
OK twui.js Show response
dl.orangedox.com/a/js/tailwind/ 4 KB
5 KB 724ms
183ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/tailwind/twui.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 570fa7b966be70ad8dfda058e614597b6e1d8b16adfa9b74fa016de097041989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "863e0a604713d5315cc76e67c6835a2b"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 4509

GET
H/1.1 200
OK twui.modal.js Show response
dl.orangedox.com/a/js/tailwind/ 3 KB
4 KB 723ms
180ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/tailwind/twui.modal.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: d7500ce9a4534ae23e65ea9a119bd9eba3261e86abc8ec50ee265c5c49f83946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "bd8ad67fe0ee959fb44c146c4bbc8679"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 3578

GET
H/1.1 200
OK tw.window.js Show response
dl.orangedox.com/a/js/tailwind/ 1 KB
2 KB 740ms
183ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/tailwind/tw.window.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: fe89f02f669cd301907f30395d8258a10857501de620bec4ae6a334c3b0b28a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:21 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "bf9989db0956bf5cc78c59a85aa68ebe"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1502

GET
H/1.1 200
OK socket.io.js Show response
dl.orangedox.com/io/ 105 KB
24 KB 852ms
172ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/io/socket.io.js
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
cache-control: public, max-age=0
content-encoding: gzip
Connection: keep-alive
etag: "4.4.1"
transfer-encoding: chunked
content-type: application/javascript

GET
H/1.1 200
OK base.js Show response
dl.orangedox.com/a/component/header/canopy/ 420 B
793 B 877ms
176ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/component/header/canopy/base.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 20004c1a91d6c639e446042abe9a56b4004bc528e064f76329eeed056aa8146d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "d43f48423c09297682ab386d5e4942f3"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 420

GET
H/1.1 200
OK blueimp-gallery.js Show response
dl.orangedox.com/a/js/external/ 31 KB
31 KB 906ms
182ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/external/blueimp-gallery.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 4bd20b4bb595465d93326372dc6c4b77ff7c8bcdf978d8a58f8f6242573c0238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "f43bcee1f2632190ba64e105bb5ec210"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 31564

GET
H/1.1 200
OK index.js Show response
dl.orangedox.com/a/component/images/lightbox/ 1 KB
2 KB 906ms
182ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/component/images/lightbox/index.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 1a366cec9896087beaa98a35d8be9156becd234e94b70cd96d6b99c33920b426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "b93ecfe7d2d4a3677e73c853b930ec92"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1510

GET
H/1.1 200
OK base.css
dl.orangedox.com/a/component/images/lightbox/ 13 KB
13 KB 700ms
352ms Stylesheet
text/css 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/component/images/lightbox/base.css?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 05369e765f99e649fc32b2e89181c5ce1c9bae1f429c622c5d7cf1abad3c01b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
last-modified: Sat, 06 Aug 2022 19:05:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "8878a14682df340cd422582a99ab90a6"
x-powered-by: Express
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 13124

GET
H/1.1 200
OK auth.js Show response
dl.orangedox.com/a/js/ 2 KB
2 KB 922ms
183ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/auth.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: c8efa1ba706d4b1f2e81cb713965a345d4ecde48663d2df0c3e19dc5080f350d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:18 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "d98bef9b7f4d0906f97ea1d8e4c77583"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 2082

GET
H/1.1 200
OK support.js Show response
dl.orangedox.com/a/js/ 2 KB
2 KB 1046ms
176ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/js/support.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 53aa81755ce910568f78735181f90f9ab2308007b23f564e762b2073ec89ce48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "fc09e78aefdb8ca7fe27108d704a4960"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1674

GET
H/1.1 200
OK base.js Show response
dl.orangedox.com/a/component/download/modal/ 3 KB
3 KB 1052ms
175ms Script
application/javascript 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/component/download/modal/base.js?f8551488ea573a191433f0d470adafc9
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: c9dcb17469a0019ce9f1d8704769c367a1307143b59f0d847784c35cb1c58b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:05:23 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "541a543dc30be719bb023c0fe41bb4ab"
x-powered-by: Express
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 2664

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 66ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TDHQGTTDB9

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76aafb189ac19e4e594d0614f3064ecd9c3793a456b6a3bd68f130604384a60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 13 Oct 2022 11:33:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 106ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43df9d226317a2e8b653974f1f4e37d991e566ec5933b147b5de653b66397735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54618
x-xss-protection: 0
server: cafe
etag: 17598200877052596651
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 11:33:58 GMT

GET
H/1.1 200
OK image-nFv6JdZA417r.png
dl.orangedox.com/v/default-e/ 18 KB
18 KB 176ms
176ms Image
image/png 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.orangedox.com/v/default-e/image-nFv6JdZA417r.png
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: cbbb607fcf3dd24a8658ed88bd6479e190c95de5fba1b4af9fcd7043addc099a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/FamilyFeud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Tue, 19 Jul 2022 21:01:54 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "f1335e560448cdd7ec6a1b040f389f51"
x-powered-by: Express
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 18254

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 46ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TDHQGTTDB9&gtm=2oeaa0&_p=1721240974&cid=948572042.1665660839&ul=en-us&sr=1600x1200&_s=1&sid=1665660838&sct=1&seg=0&dl=https%3A%2F%2Fdl.orangedox.com%2FFamilyFeud&dt=FamilyFeud6.6.pptm%20-%20Orangedox&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TDHQGTTDB9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 11:33:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dl.orangedox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
dl.orangedox.com/a/css/font-awesome/webfonts/ 138 KB
138 KB 176ms
175ms Font
binary/octet-stream 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/a/css/font-awesome/css/solid.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 32a191572908746d2e318ba46d98d44ccb92ac9354ba06aad2fe3a47aa354753

Request headers

Referer: https://dl.orangedox.com/a/css/font-awesome/css/solid.min.css
Origin: https://dl.orangedox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:04:58 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "43df9d1bc2c86cd9a2c5e7ee4937a45b"
x-powered-by: Express
x-cache: HIT
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 140868

GET
H/1.1 200
OK fa-regular-400.woff2
dl.orangedox.com/a/css/font-awesome/webfonts/ 170 KB
170 KB 171ms
170ms Font
binary/octet-stream 52.39.32.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.orangedox.com/a/css/font-awesome/webfonts/fa-regular-400.woff2
Requested by: Host: dl.orangedox.com
URL: https://dl.orangedox.com/a/css/font-awesome/css/regular.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.32.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-32-138.us-west-2.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 94f879482ca4d3703313c1fef1bd5428f16c61d2b185ac5d1fe150da207932d0

Request headers

Referer: https://dl.orangedox.com/a/css/font-awesome/css/regular.min.css
Origin: https://dl.orangedox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
last-modified: Sat, 06 Aug 2022 19:04:54 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "640500474866e5f6dfa0d4842e575f40"
x-powered-by: Express
x-cache: HIT
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: private
Connection: keep-alive
accept-ranges: bytes
Content-Length: 173580

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/ 352 KB
116 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034717561530911&plah=dl.orangedox.com&bust=31070209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46eb2053688666a1c17a1e6e63a2516176f6752430afa9961f3dcdcd85fb156d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118403
x-xss-protection: 0
server: cafe
etag: 12345450060248744304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 11:33:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221011/r20190131/ Frame C852 10 KB
5 KB 79ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl.orangedox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:52:29 GMT
etag: 9671129459699598864
expires: Wed, 26 Oct 2022 17:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
646 B 58ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dl.orangedox.com&callback=_gfp_s_&client=ca-pub-1034717561530911

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034717561530911&plah=dl.orangedox.com&bust=31070209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbd696406c164ced213f8a83c48c78947843ea0a5431a9835be149f9a32423ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 68ms
26ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dl.orangedox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 59ms
25ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dl.orangedox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4B3 106 KB
33 KB 865ms
814ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034717561530911&output=html&adk=1812271804&adf=3025194257&lmt=1665660838&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdl.orangedox.com%2FFamilyFeud&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665660838683&bpp=2&bdt=1195&idt=95&shv=r20221011&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4337512658997&frm=20&pv=2&ga_vid=948572042.1665660839&ga_sid=1665660839&ga_hid=1721240974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773613%2C31070209%2C21065724%2C31068921&oid=2&pvsid=812274406780908&tmod=1196875680&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f5f6aebc732f2850e93d51fd54b3078a69f950bfe627d6068bb5a94a3c167e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl.orangedox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34174
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 11:33:59 GMT
expires: Thu, 13 Oct 2022 11:33:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/ 151 KB
54 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/reactive_library_fy2021.js?bust=31070209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

193da97151f2ccaef8593d5c21d7617890d9dbd46ef8113c6c3af0a45e611b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55066
x-xss-protection: 0
server: cafe
etag: 3484003253315376728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 11:33:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
24ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dl.orangedox.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
30ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dl.orangedox.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/ Frame 80BA 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl.orangedox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:42:11 GMT
etag: 9671129459699598864
expires: Wed, 26 Oct 2022 18:42:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 80BA 4 KB
621 B 73ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Oct 2022 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 11:04:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Oct 2022 11:33:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 80BA 2 KB
956 B 73ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 03:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 03:38:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 80BA 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMB_ipvdHY_SbNYaGgQfY15XQA-XgrKFr77fw150QsJAfEAEgprKmGmCVwqaCsAegAaK0qL8DyAEJqAMByAPLBKoE1gFP0Oujki7s_vD3LUuXJiYugAWdOkQvq-EaLrUhL_KVNKvgd_-dhZ_rfY8ea4Eatu3G0Z0lE-ymx_y0ZN9Rlz8ITQ_0yKGAqBuFBY0JwzJrlGnwrNGoB0ETgYuteEjC8UK5B6FXgyR-lJUp5ScpIVev9Bb2VzEo6t5FAO1oUKO6tci52voGxxVRLSyYZWbvb4bKQqKxyihLfvXrziAr8c7rL0wbwKApwD-Qf3C9nswViuE4F-_ofL55fu6rih7K0IK4UKLhfcFQB74ITalEbkTMM4lwpx0xwATo2JD-jgSSBQQIBBgBkgUECAUYBKAGLoAHxsvXQKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ3KR9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMDM0NzE3NTYxNTMwOTExGAA&sigh=DT5B3E25fDE&uach_m=[UACH]&template_id=484

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 13 Oct 2022 11:33:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Oct 2022 11:33:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/ Frame 80BA 23 KB
10 KB 66ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 03:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 03:38:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 80BA 3 KB
1 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 11:17:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 80BA 17 KB
7 KB 67ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 03:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 03:38:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80BA 152 KB
47 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 11:33:59 GMT

GET
H2 200 fed584b8ce81e04d8838584f2ea59ee6.js Show response
www.gstatic.com/mysidia/ Frame 80BA 33 KB
14 KB 63ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 00:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13787
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 23:46:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 00:06:26 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/10229606639567544301/ Frame 80BA 10 KB
11 KB 71ms
24ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10229606639567544301/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44078a3120a5757825ef7b22f37d0d4fef1d10b7bb63318525bbac0614dd2fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 18:31:40 GMT
x-content-type-options: nosniff
age: 147739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10717
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 13:00:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 18:31:40 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12170484971983623987/ Frame 80BA 2 KB
2 KB 75ms
28ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12170484971983623987/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8cb41aac5cd81c57056789b3f0fabf152bf2bd063d45a4b309f7cfd573ac6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 14:49:58 GMT
x-content-type-options: nosniff
age: 420241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1833
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 19:17:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Oct 2023 14:49:58 GMT

GET
DATA 200
OK truncated
/ Frame 80BA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32fc3dbcc4b84a1b9d41eeeb0dbc8b90f57dc775e8cbc7b9552d2c5d79028ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 56ms
28ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37950f4843c268eb58decc0c45cc81cb6b64e4fbdf25a3c1bf94dff68e8f450b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11281
x-xss-protection: 0

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8143 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: dl.orangedox.com
URL: https://dl.orangedox.com/FamilyFeud

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 12:10:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Oct 2022 11:34:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45A5 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dl.orangedox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 11:19:27 GMT
expires: Fri, 13 Oct 2023 11:19:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE04 783 B
1 KB 62ms
26ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec63f3b6686d8c96013b713b317ac31283d2f9a6df8e8a1e0f6bfb314f5f4473

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xyUevCbqOPzAZQU1hyc5TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dl.orangedox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xyUevCbqOPzAZQU1hyc5TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 11:34:00 GMT
expires: Thu, 13 Oct 2022 11:34:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 45A5 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 12:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 12:10:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE04 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221011&jk=812274406780908&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 45A5 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KueMNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 11:34:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221011&jk=812274406780908&bg=!mJulm9_NAAYqRg79CkY7ACkAdvg8WkvxLWybkN8RF0tyz3hBkBZTKK0FGpTZ5SiemuiSjY0SlSCG1AIAAABVUgAAAAJoAQcKAC4W3oyKnGGrpDTireizasTyUVepf5ILcBj36it6fLWu6ZCIn9hkqqJLIwk5AZmwmQKoF34tNlYVT23MMPOwGmfD7FcijgEv9qOaeaCvgtMycFMvbcd6RJ69wePEob-D_xc2ybCXprpx1sCBF6EkFdZvwMYjnXFIzr1QCt8SkSzalyDYEm1rLGtdjxS2aEcaIb8U4M1dv2PMKkOIgxY4n_uswVc9ifiMevhxKuXHW1NNmqD7G2hqcF_yikNFl7S_Twft7Mi6ILv7eMKgioz_Jz1MSo8O_0FFSMiKTjqzhQRFLBFeog8ExFrvF6cFzL6pH9LFXwyrfoEERBgcNZ2y0UzbhrSpbTcs50MP-nYycegP9nKsQiOHO1IHc-x3f1zTzQCLAH2Znx6LCVgHD2xge6pwM_MFD9i1Bd4ag9i33rCHkOsbWi58t3PnZ0UePN2WnW19lyMPATlqhRcvzb1ec0Xu47CQgzuBtZSjllmxTGxIJwpcHoldLZddHZxoGp_eThBSizQCA1nD0WRc146pKlLEsr1bE4W5RgMoaPrZ-z_b0-eihqUV-ix2j67Cdr0ISXI_4FTGiSS9ou64V4UwZ8m-3tkNzwnLOAfr0aI_Fp1_JWTAdiUQSHtfnsrmF_VhG1H70q0rL-pdvlC3Q38_bBHzUSCaGC72fvNXiCZaoi_rP29tnUUo1aBTFAxJ1e0Q0tmq64qGZNp5wOZZ7c0sqHq1fJrtHUDnXIppJTH7DPbIYz_5NwIxsxeoH-ojcRKrO6LokhXHNB1we9bhy3JlAjTd2sOq4vUvbMWXHuXUSqshGKDoemfIShy0xCtxQSanG0oIalkFDT4FjnXHIVTOGDCPhZ0qV02oKNwBcsZ4-69PtyoNj9mhD8IdxGAMkE1I5pX9db13Hkng31lnDUUlz0tqhCJqISDzlNu9F4gP3vdS2JzIeSfFGNzUn8vKqkNYSI3FV_hgP6MIsbk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 80BA 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh4gXYxTvwSCXVUQ8MtMKSPc_gCte6lEo1KjWaf-4mhmuiITsqVv__a6XbY0tjJwMtlaMcNlN5qhcSCtVg6KBtfUDSU-U5AApfC5ezLfqilNbbAV-nZbfZd40MMM6NoB3Hprxxag&sai=AMfl-YSK_ql-ayTsAlnWmLyA6OkrvOWunco5EZSp7Onygo3Ob0TAv-lfvhV835Tt2jec-JSLrVrGcnKvINN4Vgs&sig=Cg0ArKJSzMeAg9qyZCekEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=94,777,1000,1127,1232&tos=94,683,223,127,105&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665660839746&rpt=177&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 11:34:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 85ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TDHQGTTDB9&gtm=2oeaa0&_p=1721240974&cid=948572042.1665660839&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665660838&sct=1&seg=0&dl=https%3A%2F%2Fdl.orangedox.com%2FFamilyFeud&dt=FamilyFeud6.6.pptm%20-%20Orangedox&en=scroll&epn.percent_scrolled=90&_et=18
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TDHQGTTDB9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dl.orangedox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Oct 2022 11:34:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dl.orangedox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.orangedox.com/	1970-01-20 16:17:00	Name: __odxs Value: TLnSZV3C4aCKr2DGAgr43RtgMg8Zn6gVhJJA
dl.orangedox.com/	1969-12-31 23:59:59	Name: AWSELB Value: 15356BFD1A8A1AFE3F08278A7C8C0B8DD362B6F80D07B60075A7B8265D1159B2AABD0563FBBC8B524DF2DF2197FB2B1AEFFD612CD4B44F9F46ED2BF4B1D8C97D539B8CE021
dl.orangedox.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 15356BFD1A8A1AFE3F08278A7C8C0B8DD362B6F80D07B60075A7B8265D1159B2AABD0563FBBC8B524DF2DF2197FB2B1AEFFD612CD4B44F9F46ED2BF4B1D8C97D539B8CE021
.orangedox.com/	1970-01-20 16:17:00	Name: _ga_TDHQGTTDB9 Value: GS1.1.1665660838.1.0.1665660838.0.0.0
.orangedox.com/	1970-01-20 16:17:00	Name: _ga Value: GA1.1.948572042.1665660839
.orangedox.com/	1970-01-20 16:02:36	Name: __gads Value: ID=ab3f1d1bef303f46-22980bf342ce0003:T=1665660838:RT=1665660838:S=ALNI_MYBmIpSBYeOHjfWSgogmALImebE7Q
.doubleclick.net/	1970-01-20 16:02:36	Name: IDE Value: AHWqTUlPCVkCutZEbw3-vivzwf_FhPxQJeSZc7XyOlczd2Lyd9tf8G9XvMqqCdCzbTM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221011/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-1034717561530911&fa=1&ifi=2&uci=a!2&xpc=iuXQ79MAvg&p=https%3A//dl.orangedox.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
dl.orangedox.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2001:4860:4802:32::36
2606:4700::6811:190e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
52.39.32.138
05369e765f99e649fc32b2e89181c5ce1c9bae1f429c622c5d7cf1abad3c01b6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0ae4eb2a13046f28af8d13d707ca1616bb236b0fd00d0784b14b423ad55950f9
116cdbcc467d2a3e050b50705474d09668c0f5332d7144fa5704baa8a92498e2
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
193da97151f2ccaef8593d5c21d7617890d9dbd46ef8113c6c3af0a45e611b93
1a366cec9896087beaa98a35d8be9156becd234e94b70cd96d6b99c33920b426
1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79
20004c1a91d6c639e446042abe9a56b4004bc528e064f76329eeed056aa8146d
211315c5db020bce013003184286e80edf10dfeb13f62e29be162b442a994724
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
32a191572908746d2e318ba46d98d44ccb92ac9354ba06aad2fe3a47aa354753
32fc3dbcc4b84a1b9d41eeeb0dbc8b90f57dc775e8cbc7b9552d2c5d79028ed7
37950f4843c268eb58decc0c45cc81cb6b64e4fbdf25a3c1bf94dff68e8f450b
43df9d226317a2e8b653974f1f4e37d991e566ec5933b147b5de653b66397735
44078a3120a5757825ef7b22f37d0d4fef1d10b7bb63318525bbac0614dd2fad
46eb2053688666a1c17a1e6e63a2516176f6752430afa9961f3dcdcd85fb156d
4bd20b4bb595465d93326372dc6c4b77ff7c8bcdf978d8a58f8f6242573c0238
53aa81755ce910568f78735181f90f9ab2308007b23f564e762b2073ec89ce48
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570fa7b966be70ad8dfda058e614597b6e1d8b16adfa9b74fa016de097041989
58e961f89ccb6bdf30ce733b0ce0e004a020622ca95ebd64667e0c5ee8a28e78
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a779d23916e28decbabcb7a01acd0842d0532823c63c95934b7772ef2d9c41d
70be498b48b32a22cfb42215dcf7319379ee56038005d2d1206f96422d130302
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
76aafb189ac19e4e594d0614f3064ecd9c3793a456b6a3bd68f130604384a60a
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4
7accee75e0a023ce7d08f70cedc4d0cdd6cd2caac5f5ab90b281c32ea2e6f3de
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
94f879482ca4d3703313c1fef1bd5428f16c61d2b185ac5d1fe150da207932d0
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
c38354a04ff57716714e9c23080d41bb29ee8b89a18dc4c78e587270596e6920
c7c2db7e03933e70364bdfcaa8d8ed1788b81757a414063b7a3fd0071f357426
c8efa1ba706d4b1f2e81cb713965a345d4ecde48663d2df0c3e19dc5080f350d
c9dcb17469a0019ce9f1d8704769c367a1307143b59f0d847784c35cb1c58b41
cbbb607fcf3dd24a8658ed88bd6479e190c95de5fba1b4af9fcd7043addc099a
d7500ce9a4534ae23e65ea9a119bd9eba3261e86abc8ec50ee265c5c49f83946
dbd696406c164ced213f8a83c48c78947843ea0a5431a9835be149f9a32423ab
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cb41aac5cd81c57056789b3f0fabf152bf2bd063d45a4b309f7cfd573ac6b4
e9f5f6aebc732f2850e93d51fd54b3078a69f950bfe627d6068bb5a94a3c167e
ec63f3b6686d8c96013b713b317ac31283d2f9a6df8e8a1e0f6bfb314f5f4473
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef230eff897a6b97ec7c28925e6f37aa870b11b3f00eb5dc988cf282753c04ac
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fd21104dc97db6fc980c0f12ba157f3cc9fddac84dde4367f02f6f9db05c13d6
fe89f02f669cd301907f30395d8258a10857501de620bec4ae6a334c3b0b28a8
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

dl.orangedox.com Open in urlscan Pro 52.39.32.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

92 %IPv6

12 Domains

14 Subdomains

14 IPs

2 Countries

1111 kBTransfer

2171 kBSize

7 Cookies

1 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dl.orangedox.com Open in urlscan Pro
52.39.32.138 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

92 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

1111 kB
Transfer

2171 kB
Size

7
Cookies

64 HTTP transactions
1 data transactions