dfiles.eu Open in urlscan Pro
94.242.236.49  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

• https://adsbb.dfiles.eu//ad.php?z=56&c=NL HTTP 303
• https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

Request Chain 22

• https://adsbb.dfiles.eu//ad.php?z=58&c=NL&g=gateway HTTP 303
• https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

Request Chain 23

• https://sw.wpu.sh/ps/natpsdk.js HTTP 302
• https://sw.swwpush.com/npc/sdk/wpu/fpush.js

Request Chain 100

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 133

• https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
• https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6e6631a7-800d-4806-8029-f456b01be9ac HTTP 302
• https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6e6631a7-800d-4806-8029-f456b01be9ac&tbid=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557&query=taboola_hm%3D6e6631a7-800d-4806-8029-f456b01be9ac&isDirect=0

Request Chain 135

• https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
• https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=VoBJXyroXnfC&ev=1&orig=trc&pid=562107

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
• https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKTbOatSTSL3x1lYdfp7SDI&google_cver=1

Request Chain 139

• https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557

Request Chain 140

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=36174443-1bf9-49f7-99f8-b932ac6682ab

Request Chain 141

• https://ce.lijit.com/merge?pid=42&3pid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=42&3pid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 146

• https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
• https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f9d772d6-5895-4a00-85ba-a8874402c59a

Request Chain 147

• https://id5-sync.com/s/464/9.gif?puid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/464/464/7/1.gif?puid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&gdpr=1&gdpr_consent= HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOILLmwh9vhbF4F9gcumXnztjMejCCymq0NgiDgA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOILLmwh9vhbF4F9gcumXnztjMejCCymq0NgiDgA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/cq/464/124/6/2.gif?puid=201deec2-f4f8-41b0-8a4c-75e44c8ddc4d&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
• https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
• https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
• https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
• https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGqUogOG1VKoEAiBPmwJrzQ&google_cver=1 HTTP 303
• https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGqUogOG1VKoEAiBPmwJrzQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEGqUogOG1VKoEAiBPmwJrzQ%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
• https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=451859191129143089&opid=apx&ops=&utidl=tech:goo:CAESEGqUogOG1VKoEAiBPmwJrzQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
• https://id5-sync.com/qp/18.gif?puid=vec%3A16707669626&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/19/4/4.gif?puid=fa04af9608c27b20c382abbf91a99e4a&gdpr=1&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/101/3/5.gif?puid=69f1587b-b390-4795-8652-4fd0569d74b4&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 148

• https://s.c.appier.net/taboola HTTP 302
• https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Br-awSMfDmewXqPY1y9qYA

Request Chain 151

• https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
• https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827869997527847&expires=30&ssp=taboola HTTP 302
• https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a82d666d-1e64-492b-b8c7-117c0fe33107

Request Chain 152

• https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTAyREZBMEMtNzMwRS00N0YzLUE2MTUtRTBDOTQwMzM3NjRC&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 153

• https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOqM2LhatQOXkir4TKs418U&google_cver=1

Request Chain 155

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set uie3ad9wi Show response dfiles.eu/files/	20 KB 7 KB	8005ms 7922ms	Document text/html	94.242.236.49 ROOT
General Check archive.org Show headers Download Go to Full URL https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.49 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-49.server.lu Software nginx / Resource Hash b6fc5b2541c54b7cfd70f59a099135cddf508859081cbb2cf02e40f3bb42b38b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Host dfiles.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx Date Sun, 04 Apr 2021 21:29:55 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Set-Cookie uprand=786aa50f8917fb9bb9ecb4be67a1fb9f; path=/; domain=.dfiles.eu last_file=uie3ad9wi; path=/; domain=.dfiles.eu lang_current=en; expires=Mon, 04-Apr-2022 21:29:54 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-Frame-Options SAMEORIGIN Content-Encoding gzip
GET H/1.1	200 OK	main.css static.depositfiles.com/css/	189 KB 46 KB	140ms 48ms	Stylesheet text/css	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/css/main.css Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 986fc56c0db64bb554a42246e0e4bb0955c511a97c8cd3668dcb59686c49fbfa Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Content-Encoding gzip Last-Modified Tue, 05 Jan 2021 11:36:44 GMT Server nginx ETag W/"5ff44f4c-2f5c8" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=300 Connection keep-alive Expires Sun, 04 Apr 2021 21:34:55 GMT
GET H/1.1	200 OK	base2.js Show response static.depositfiles.com/js/	390 KB 390 KB	141ms 48ms	Script application/javascript	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/base2.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 01 Apr 2019 16:12:10 GMT Server nginx ETag "5ca2385a-6164f" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 398927 Expires Sun, 04 Apr 2021 21:34:55 GMT
GET H/1.1	200 OK	jquery.validate.js Show response static.depositfiles.com/js/	37 KB 38 KB	141ms 49ms	Script application/javascript	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/jquery.validate.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-957d" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 38269 Expires Sun, 04 Apr 2021 21:34:55 GMT
GET H/1.1	200 OK	function.js Show response static.depositfiles.com/js/	34 KB 34 KB	141ms 49ms	Script application/javascript	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/function.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Sun, 29 Apr 2018 18:38:58 GMT Server nginx ETag "5ae61142-8863" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 34915 Expires Sun, 04 Apr 2021 21:34:55 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 736 B	14ms 14ms	Script text/javascript	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Sun, 04 Apr 2021 21:29:55 GMT
GET H/1.1	403 Forbidden	224ad4a14b4b15c1726ff705ec672ea6.js distinctleftmargaret.com/22/4a/d4/	0 0	331ms 100ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://distinctleftmargaret.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 04 Apr 2021 21:29:55 GMT Server nginx/1.17.9 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	download_utils.js Show response static.depositfiles.com/js/	13 KB 13 KB	142ms 50ms	Script application/javascript	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/download_utils.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 05 Nov 2018 20:56:05 GMT Server nginx ETag "5be0ae65-3447" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 13383 Expires Sun, 04 Apr 2021 21:34:55 GMT
GET H/1.1	200 OK	gold_offer.js Show response static.depositfiles.com/js/	10 KB 10 KB	131ms 39ms	Script application/javascript	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/gold_offer.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-269f" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 9887 Expires Sun, 04 Apr 2021 21:34:55 GMT
GET H/1.1	200 OK	speed_small_gold.gif static.depositfiles.com/images/	14 KB 14 KB	26ms 25ms	Image image/gif	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/speed_small_gold.gif Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-389c" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 14492 Expires Fri, 09 Apr 2021 21:29:55 GMT
GET H/1.1	200 OK	speed_small.gif static.depositfiles.com/images/	23 KB 24 KB	27ms 26ms	Image image/gif	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/speed_small.gif Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-5dac" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 23980 Expires Fri, 09 Apr 2021 21:29:55 GMT
GET H/1.1	200 OK	no.png static.depositfiles.com/images/	3 KB 3 KB	30ms 27ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/no.png Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-c4a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3146
GET H/1.1	200 OK	yes.png static.depositfiles.com/images/	3 KB 3 KB	30ms 27ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/yes.png Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-ccb" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3275
GET H2	200	main.js Show response pw.wpu.sh/script/	76 KB 26 KB	49ms 15ms	Script application/javascript	213.174.135.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pw.wpu.sh/script/main.js?promo=22321&tcid=411&src=1926257466 Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / Resource Hash e616d7845c979aea81925ab5abce47640f385fc189ac57d29357a818e289c422 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT content-encoding gzip server nginx/1.16.1 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 04 Apr 2021 22:29:55 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/	332 KB 130 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://dfiles.eu Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 03 Apr 2021 14:00:02 GMT content-encoding gzip x-content-type-options nosniff age 113393 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132755 x-xss-protection 0 last-modified Mon, 22 Mar 2021 04:06:11 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 03 Apr 2022 14:00:02 GMT
GET H/1.1	200 OK	logo.png static.depositfiles.com/images/	4 KB 4 KB	27ms 26ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/logo.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0 Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-e27" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3623
GET H/1.1	200 OK	sprite.png static.depositfiles.com/images/	36 KB 36 KB	30ms 29ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/sprite.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0 Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-8fc2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 36802
GET H/1.1	200 OK	member_menu_bg.gif static.depositfiles.com/images/	78 B 378 B	26ms 26ms	Image image/gif	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/member_menu_bg.gif Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-4e" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 78 Expires Fri, 09 Apr 2021 21:29:55 GMT
GET H/1.1	200 OK	sprite64.png static.depositfiles.com/images/	28 KB 28 KB	38ms 38ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/sprite64.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-704b" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 28747
GET H/1.1	200 OK	upload_btn_bg.gif static.depositfiles.com/images/	9 KB 9 KB	28ms 27ms	Image image/gif	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/upload_btn_bg.gif Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-2332" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 9010 Expires Fri, 09 Apr 2021 21:29:55 GMT
GET H/1.1	200 OK	lang24.png static.depositfiles.com/images/flags/	9 KB 9 KB	28ms 27ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/flags/lang24.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Thu, 14 May 2020 09:52:24 GMT Server nginx ETag "5ebd14d8-23d4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 9172
GET H/1.1	200 OK	sprite16.png static.depositfiles.com/images/	28 KB 28 KB	27ms 27ms	Image image/png	94.242.227.220 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/sprite16.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.220 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-220.server.lu Software nginx / Resource Hash 604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1 Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:55 GMT Last-Modified Mon, 30 Oct 2017 14:47:26 GMT Server nginx ETag "59f73b7e-6f55" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 28501
GET H/1.1	200 OK	ad27352941d759d0.htm Show response adsbb.dfiles.eu/upload/2005/ Frame AC89 Redirect Chain https://adsbb.dfiles.eu//ad.php?z=56&c=NL https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	1 KB 904 B	93ms 43ms	Document text/html	94.242.227.151 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/js/base2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-151.server.lu Software nginx / Resource Hash 06afb44ae56870123b05e04438d0c3f8722ff9cff297c2a10fb7208b308b1989 Request headers Host adsbb.dfiles.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://dfiles.eu/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie uprand=786aa50f8917fb9bb9ecb4be67a1fb9f; last_file=uie3ad9wi; lang_current=en; _nf58=1; _nf56=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer about:blank Response headers Server nginx Date Sun, 04 Apr 2021 21:29:55 GMT Content-Type text/html Transfer-Encoding chunked Connection close Last-Modified Sun, 04 Apr 2021 21:25:01 GMT Content-Encoding gzip Redirect headers Server nginx Date Sun, 04 Apr 2021 21:29:55 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Powered-By PHP/5.6.30-0+deb8u1 Set-Cookie _nf56=1; expires=Mon, 05-Apr-2021 21:29:55 GMT; Max-Age=86400 Location /upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
GET H/1.1	200 OK	ad274029466c5257.htm Show response adsbb.dfiles.eu/upload/2006/ Frame E211 Redirect Chain https://adsbb.dfiles.eu//ad.php?z=58&c=NL&g=gateway https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	2 KB 1 KB	92ms 43ms	Document text/html	94.242.227.151 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/js/base2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-151.server.lu Software nginx / Resource Hash f71f1e6655b798901c78d6383f2a4c1937a8c1a34d2cf0cc47a08c1f801af25e Request headers Host adsbb.dfiles.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://dfiles.eu/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie uprand=786aa50f8917fb9bb9ecb4be67a1fb9f; last_file=uie3ad9wi; lang_current=en; _nf58=1; _nf56=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer about:blank Response headers Server nginx Date Sun, 04 Apr 2021 21:29:55 GMT Content-Type text/html Transfer-Encoding chunked Connection close Last-Modified Sun, 04 Apr 2021 21:25:01 GMT Content-Encoding gzip Redirect headers Server nginx Date Sun, 04 Apr 2021 21:29:55 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Powered-By PHP/5.6.30-0+deb8u1 Set-Cookie _nf58=1; expires=Mon, 05-Apr-2021 21:29:55 GMT; Max-Age=86400 Location /upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
GET H2	200	fpush.js Show response sw.swwpush.com/npc/sdk/wpu/ Redirect Chain https://sw.wpu.sh/ps/natpsdk.js https://sw.swwpush.com/npc/sdk/wpu/fpush.js	81 KB 28 KB	46ms 15ms	Script application/javascript	213.174.135.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://sw.swwpush.com/npc/sdk/wpu/fpush.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash 743dd598dd336cac94f981dd4359c94a6f6f85e5f4efab39986eb4cb92d6e5dc Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 04 Apr 2021 22:29:55 GMT cache-control max-age=3600 x-proxy-cache HIT Redirect headers date Sun, 04 Apr 2021 21:29:55 GMT server nginx/1.16.1 location https://sw.swwpush.com/npc/sdk/wpu/fpush.js access-control-allow-origin * cache-control max-age=3600 x-proxy-cache HIT content-length 0 expires Sun, 04 Apr 2021 22:29:55 GMT
GET H2	200	411.php Show response vasgenerete.site/npc/anpc/	4 B 198 B	49ms 17ms	XHR text/html	213.174.135.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://vasgenerete.site/npc/anpc/411.php Requested by Host: sw.wpu.sh URL: https://sw.wpu.sh/ps/natpsdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash d7793d4cf596bc12fd217b5ab3e8a9e7d0266c65c7a1154bd22cebf405ffb582 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type text/html; charset=UTF-8 access-control-allow-origin * expires Sun, 04 Apr 2021 22:29:55 GMT cache-control max-age=3600 content-length 4 x-proxy-cache HIT
GET H2	200	csub.js Show response sw.swwpush.com/npc/sdk/wpu/	6 KB 3 KB	16ms 15ms	Script application/javascript	213.174.135.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://sw.swwpush.com/npc/sdk/wpu/csub.js Requested by Host: sw.wpu.sh URL: https://sw.wpu.sh/ps/natpsdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 04 Apr 2021 22:29:55 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H/1.1	200 OK	jquery-1.5.1.min.js Show response adsbb.dfiles.eu/static/js/ Frame E211	83 KB 84 KB	93ms 43ms	Script application/javascript	94.242.227.151 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-151.server.lu Software nginx / Resource Hash 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Request headers Referer https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:55 GMT Server nginx Content-Type application/javascript Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 85260 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	dfiles.ru.828725.js Show response jsc.adskeeper.co.uk/d/f/ Frame AC89	268 KB 68 KB	93ms 59ms	Script text/javascript	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47ce3b8a4b4b824137b1310925c1179f5251bddb96f1c00581b130fa2fa032c5 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT content-encoding br cf-cache-status HIT age 727 cf-polished origSize=274758 last-modified Thu, 01 Apr 2021 10:37:32 GMT alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id RNMYVMDPYMF44KGS x-amz-id-2 RZKxJySFFEkRLc0rSp9JKYzxDciFSxPQ0D8ke50N5WERwngeeqoKh/ZoixcO0UD1JiSgjGTYAYo= cf-bgj minify server cloudflare etag W/"dcb38155948244534b32783e76b4526f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=14400 cf-request-id 094063eaeb0000c78db43b5000000001 cf-ray 63ada28b1b1dc78d-AMS expires Mon, 05 Apr 2021 01:29:55 GMT
GET H/1.1	200 OK	jquery-1.5.1.min.js Show response adsbb.dfiles.eu/static/js/ Frame AC89	83 KB 84 KB	92ms 42ms	Script application/javascript	94.242.227.151 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-151.server.lu Software nginx / Resource Hash 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Request headers Referer https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:55 GMT Server nginx Content-Type application/javascript Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 85260 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	t.js Show response adpatrof.com/ Frame E211	18 KB 18 KB	94ms 46ms	Script application/javascript	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash b7f6430a153adcaaa99b20be693937290ecc10f3e27b946924d0947e15b358ff Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id 7Vom2ufMoDvXnE8Uit7E_ghi0UF5nTiyT7eD7Vd7Lf00kCprRII-qw== x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8
GET H/1.1	200 OK	view.gif Show response adsbb.dfiles.eu/ Frame E211	43 B 344 B	93ms 43ms	XHR image/gif	94.242.227.151 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/view.gif?c=2946&z=58&b=2740&u=606a2ead44c987874476765562375 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-151.server.lu Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Accept */* Referer https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:55 GMT Server nginx Content-Type image/gif Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 43 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	view.gif Show response adsbb.dfiles.eu/ Frame AC89	43 B 344 B	92ms 43ms	XHR image/gif	94.242.227.151 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/view.gif?c=2941&z=56&b=2735&u=606a2ead5e1ad7130315773864233 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.151 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-151.server.lu Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Accept */* Referer https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:55 GMT Server nginx Content-Type image/gif Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 43 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ Show response c.adskeeper.co.uk/pv/ Frame AC89	0 157 B	135ms 127ms	Script text/plain	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adskeeper.co.uk/pv/?pv=5&cbuster=16175717958811903703&uniqId=133de&childs=828731&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&pageView=1&site=544656&pvid=1789ecad3aa96e015ee&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 63ada28c5d74c78d-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094063ebbc0000c78d272b0000000001
GET DATA	200 OK	truncated / Frame AC89	138 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5351cc5fcd84ca5f24714cbc76e6b8f4fbf9a73fb9f7491bec0b523d073987e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 7894	58 KB 20 KB	82ms 31ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash 6ef267192a6cbea929234680ba6509d59a66aa7a743542da98b07ab045c689a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:55 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "833 / 883 of 1000 / last-modified: 1617401775" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19752 x-xss-protection 0 expires Sun, 04 Apr 2021 21:29:55 GMT
GET H2	200	counter Show response adpatrof.com/ Frame CFBD	9 KB 9 KB	64ms 63ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0758191617571795922 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /counter?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0758191617571795922 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id HVO3ZHJhcAtcTPzE6M_CWctZeD5m1guTw90orEf_uU0Je4mk9DmqyA==
GET H2	200	stat Show response adpatrof.com/ Frame AFBD	9 KB 9 KB	76ms 76ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8487&cb=7056161617571795923 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /stat?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8487&cb=7056161617571795923 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id cl3XkI-eZdvh4vUtrDYSFdqQQOxHK-oWU4Sc6mKQtphNPxA3i20Kiw==
GET H2	200	counter Show response adpatrof.com/ Frame 0D43	9 KB 9 KB	64ms 64ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=5327561617571795924 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /counter?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=5327561617571795924 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id KWB4An0zz09BSWnctR8cqyouRX9wP0WdRAnTeX12Nl_8TfROYl2wQA==
GET H2	200	stats Show response adpatrof.com/ Frame 6DC1	9 KB 9 KB	79ms 79ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/stats?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc871&cb=9305801617571795925 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /stats?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc871&cb=9305801617571795925 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id PtRr0hyLNgYpZdjlSY31mztjxCtP_jOg4B_kxnf2glXee5Mvehb9-g==
GET H2	200	usync Show response adpatrof.com/ Frame F5B4	2 KB 1 KB	75ms 74ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash 0b1bee87d6dcefc534bd612d150fe9d9c2edcc8b93b93904ceba8f670286a8ca Request headers :method GET :authority adpatrof.com :scheme https :path /usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 vary Accept-Encoding date Sun, 04 Apr 2021 21:29:55 GMT content-encoding gzip x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id LJfLLP73YqAKwTwYqRzJpJNVed34dpdC6Ab6la6eIs8omw94qhoyQw==
GET H2	200	stat Show response adpatrof.com/ Frame 4584	9 KB 9 KB	63ms 63ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b135&cb=3054411617571795926 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b135&cb=3054411617571795926 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id dxmhUOz0rjzUiGPdfsUnVDJmelPB4vHFOTjgFlxyhInxIVWHZIFQBg==
GET H2	200	stat Show response adpatrof.com/ Frame 5830	9 KB 9 KB	81ms 81ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515681&cb=7545741617571795927 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /stat?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515681&cb=7545741617571795927 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id A69LYPnvID5TAeY0fxuVbORwTr-K0A_cgTf01WGyVFSqnjFqGYzg8g==
GET H2	200	usersync Show response adpatrof.com/ Frame 69B1	9 KB 9 KB	78ms 76ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5287&cb=7451101617571795928 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5287&cb=7451101617571795928 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id pA7DocAnJzCgL7jLynA__Naaui8b7Zay4MQ3pepxyWJiVr2KT2GP8w==
GET H2	200	async_usersync Show response adpatrof.com/ Frame 45EC	9 KB 9 KB	83ms 82ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=0692201617571795929 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /async_usersync?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=0692201617571795929 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id LlSV_v4QZ4VNgawIRBBOcuv2jl94kZ7bgxToPiNvjjAdR5rxJqJ2aQ==
GET H2	200	counter Show response adpatrof.com/ Frame 783D	9 KB 9 KB	74ms 73ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec33&cb=2470691617571795930 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /counter?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec33&cb=2470691617571795930 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id phiQOPlKzFM2GuyGW7M9UyehbpsPyVrobzV7owFlw5U37XpHj0dLWw==
GET H2	200	sync Show response adpatrof.com/ Frame C215	2 KB 2 KB	83ms 83ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a9&cb=7617191617571795930 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash 65f3773dccbaa109200b9b555a5d00258e972afdefd913943748a096500bdb32 Request headers :method GET :authority adpatrof.com :scheme https :path /sync?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a9&cb=7617191617571795930 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 content-length 1874 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id 6jvQWIBSGrvsL6F2smlN0PwOlSLZqhNm3K0EwCOvqokzNny_ajE13Q==
GET H2	200	user Show response adpatrof.com/ Frame 8F50	9 KB 9 KB	85ms 85ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=9358871617571795931 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /user?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=9358871617571795931 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id -GzVAlMSbDYcCf2xaEA46ApQXAGjcE23SgJmDdhHgaE46XJNXRVlGg==
GET H2	200	usync Show response adpatrof.com/ Frame 837B	9 KB 9 KB	80ms 80ms	Document text/html	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560013&cb=3772301617571795934 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=0652411617571795811 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash a9ecb8e6fcb981e7a426d5af7e377b2c38b4dc4f7945299a4bc32e14bd836769 Request headers :method GET :authority adpatrof.com :scheme https :path /usync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560013&cb=3772301617571795934 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=56b2011f5dc7abe18e43d7491de9c1f374a15bfe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Sun, 04 Apr 2021 21:29:55 GMT x-cache Miss from cloudfront via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 x-amz-cf-id mKdBSDxF3v6csgxo456yczv_c5Fjl-Jddi4tfsakJ-m28I61AmXNSg==
GET H2	200	1 Show response servicer.adskeeper.co.uk/828725/ Frame AC89	2 KB 1 KB	76ms 68ms	Script application/x-javascript	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.adskeeper.co.uk/828725/1?pv=5&cbuster=1617571795940668635343&uniqId=133de&childs=828731&niet=4g&nisd=false&w=240&h=738&cols=1&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&pageView=1&pvid=1789ecad3e48d9d5696&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97524962a70ce79e32fcef0b8973109b5534c2f97a7092106412e8ca4a15ca78 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 63ada28cbe0cc78d-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094063ebf50000c78d24b04000000001
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame CFBD	302 KB 88 KB	58ms 30ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d7&cb=0758191617571795922 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hPlLamY%2FipQzs8rQGDcs1gk35X6dY6VFRiQ%2F9uY%2Bx7RAdoGblUDzd4XlU6FOchDx%2F1bRNdqRoHgU%2Bt2J5smDtoFuTM9oZ0QgNQTrUgsxWQwWIk0QQ6gds529"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec380000c29f11bbd000000001 cf-ray 63ada28d2e22c29f-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 0D43	302 KB 88 KB	58ms 38ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12615&cb=5327561617571795924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2IVGZI3eUhrBJh0E9WgUnGex7yNdf2gAh2%2BzH3Y5QcI0TY1dulP%2BudmaNkOMK2s%2F3UwOQ7BPwl7vq%2BC0bWuKgxYV1Laui5SEqDPNNcPm4Cw612HqvZoLRKRt"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec390000c29f9427c000000001 cf-ray 63ada28d2e23c29f-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 4584	302 KB 88 KB	54ms 37ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b135&cb=3054411617571795926 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O2pMmZPJcg7r7mkzYLar2NqoL8XWyEneX6sF9xBg0MvvZ1vRmJ9%2F0Vk4xoUK6ZIsIFjxD%2FiaRryplvZQ5BU%2BBZnyYDb8yZ49RW4SXbQWxwxS0UHmBEmmYN5T"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec390000c29f069b7000000001 cf-ray 63ada28d2e24c29f-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame AFBD	302 KB 88 KB	45ms 38ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8487&cb=7056161617571795923 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gtd%2BnTf1Wne9USV%2FfVtMobg2vL2sl6SRHTguHuoFavSXiBfK32zPvyrLz26YsV4uVzGVZELpaQCmNH%2FX01YGyYk7Eb26lSyk3W1cWKhohSzvTtIOQIpm8aQ0"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec390000c29fbc2ea000000001 cf-ray 63ada28d2e25c29f-FRA
GET H2	200	/ Show response ads.projectagoraservices.com/ Frame F5B4	14 KB 4 KB	71ms 35ms	Script application/javascript	2a02:26f0:6c00::210:ba2a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b8254e1f77a5850e147ce538643c8460a950a677ba2e2973f6562a22cd022050 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript cache-control private, no-cache, no-store, must-revalidate content-length 3694 expires Sun, 04 Apr 2021 21:29:56 GMT
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 6DC1	302 KB 88 KB	35ms 34ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/stats?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc871&cb=9305801617571795925 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qJWhyoTnb5b4CxVXLa1uQBKRocfGPy46Im31roDy75FNRcb3HIhTSnW4RyergBmNlOEhZiZcWF0gwGXfb62EhsTrEZDR4ZBcL0AGsPHarzWxtDHGzwYY4oJG"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec3b0000c29f32b32000000001 cf-ray 63ada28d2e28c29f-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 783D	302 KB 88 KB	32ms 32ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/counter?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec33&cb=2470691617571795930 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=25kpGaXEMkIbRys6gB2z0hLCnw%2FEj%2Bvr4asxzUnNOHNCQN62WvBLB4fFbNOYpXHWCzXLjS6%2F%2FDsavcnpFOB8dOSoojL%2BuCDnvGjvhqVVu6CyINaT4xqcNCG8"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec3e0000c29fcb052000000001 cf-ray 63ada28d3e2dc29f-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 69B1	302 KB 88 KB	33ms 32ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5287&cb=7451101617571795928 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g3gnJ8qslPjyfRUcMike4c77WFPxBm7B%2FJfHwsLxZD8%2Fga%2Bu3o8dwfWXAZcSjCcN4Pp9chW40m1eI%2BdKBqSuf6%2BrflxSS3SmkitzdmtjhHG1rtjxvlrHpenY"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec410000c29fc6bed000000001 cf-ray 63ada28d3e30c29f-FRA
GET H2	200	k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 fonts.gstatic.com/s/opensans/v10/ Frame AC89	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://adsbb.dfiles.eu Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 02 Apr 2021 10:03:37 GMT x-content-type-options nosniff last-modified Thu, 21 Aug 2014 18:08:16 GMT server sffe age 213979 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16224 x-xss-protection 0 expires Sat, 02 Apr 2022 10:03:37 GMT
GET H2	200	i.js Show response cm.adskeeper.co.uk/ Frame AC89	113 B 226 B	203ms 201ms	Script application/javascript	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.co.uk/i.js?&cbuster=1617571796051287901503 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e58d8bf4476a312b887d7583a81dba8330f097413d3c6e8397583d3aac7f062e Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status MISS x-mg-request-uuid bee89412-5337-478d-97b0-1260fa19c888 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 63ada28d6f2bc78d-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094063ec5e0000c78dce0d6000000001 server cloudflare
GET H2	200	i-noref.js Show response cm.adskeeper.co.uk/ Frame 95EB	19 B 397 B	204ms 203ms	Script application/javascript	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.co.uk/i-noref.js?cbuster=1617571796056771329608 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status MISS x-mg-request-uuid a7c43ca6-fad1-4308-b2f4-29dacc7694f1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 63ada28d6f30c78d-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094063ec620000c78d27b07000000001 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzVmMmU3MmQ2MWFmMTA4NmQ2MzFlMGZmNDlkNjg1NGUwLmpwZWc.webp s-img.adskeeper.co.uk/g/8164864/328x328/0x0x1022x1022/ Frame AC89	14 KB 14 KB	33ms 29ms	Image image/webp	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/8164864/328x328/0x0x1022x1022/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzVmMmU3MmQ2MWFmMTA4NmQ2MzFlMGZmNDlkNjg1NGUwLmpwZWc.webp?v=1617571795-gDatLXoZ8vKHz43hyzMQuC-MKQhYMSuSdWVGNZrWz7U Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55e81b4ff2a75ef3ea44a88fda85b5c6ac7816321ab35551d275d9ef9a164d3d Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT cf-cache-status HIT x-mg-request-uuid cae923e1-3d56-480b-8cae-a3ab03a8ede8 age 4790051 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14240 cf-request-id 094063ec690000c78dc837b000000001 last-modified Mon, 08 Feb 2021 10:23:37 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 63ada28d7f4ac78d-AMS
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp s-img.adskeeper.co.uk/g/8164884/328x328/81x0x667x667/ Frame AC89	17 KB 17 KB	35ms 31ms	Image image/webp	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/8164884/328x328/81x0x667x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1617571795-D-kF2a7w125kpPlbVwBY3Zm84KNlk0RkjgNGXtq4ae8 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82a27787438fb42a1d78db250abc9f4ca19b78ae63f548626d0bfc65bc641a04 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT cf-cache-status HIT x-mg-request-uuid b640f606-dad7-4ef3-9e82-e51d1c2e71b5 age 4791063 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17434 cf-request-id 094063ec6a0000c78dd031f000000001 last-modified Mon, 08 Feb 2021 10:20:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 63ada28d7f4bc78d-AMS
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp s-img.adskeeper.co.uk/g/8193525/328x328/0x293x684x684/ Frame AC89	12 KB 12 KB	36ms 32ms	Image image/webp	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/8193525/328x328/0x293x684x684/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1617571795-ZdUTkpTSNDRoYDGxXe0sCZcs0xxwrzkKhCDHT6ZfmqU Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d2a8216a20c4853474ad67da4bcc726c86e5d0ca361af12c9933c9a5b3bb1f Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT cf-cache-status HIT x-mg-request-uuid 6d019d40-b3da-4926-973b-3b864265db1a age 4629680 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12410 cf-request-id 094063ec6a0000c78d11064000000001 last-modified Wed, 10 Feb 2021 07:15:51 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 63ada28d7f48c78d-AMS
GET H2	200	int_exchange_wages_ad.svg cdn.adskeeper.co.uk/images/adskeeper/ Frame AC89	1 KB 885 B	30ms 27ms	Image image/svg+xml	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT age 2891 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 273604511F847DD4 x-amz-id-2 sQZUvRuqd/DUbnL0d14ZpMy/evU/mEb7zm+R6/2kr1Aka13NKv098wUmPlM4QLH5BMVjaulJwTU= last-modified Mon, 04 May 2020 12:16:42 GMT server cloudflare etag W/"37346cd2daeeec771e8ffe3a34ef43ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-request-id 094063ec6a0000c78de1872000000001 cf-ray 63ada28d7f4dc78d-AMS expires Mon, 05 Apr 2021 01:29:56 GMT
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 5830	302 KB 88 KB	29ms 28ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515681&cb=7545741617571795927 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uKdUVIofk3dmfEjDiLAAlHTw32cVGuJuyAx5ZFTriPBboegeGpP8p8BHsE65lbuzpxnv%2B2LpXSJTmms%2BPfuuu4I%2BhtB86xiQqWHq%2BMygpSlWbPUMbmM5FekW"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ec640000c29fd821e000000001 cf-ray 63ada28d6e58c29f-FRA
GET H3-Q050	200	pubads_impl_2021040101.js Show response securepubads.g.doubleclick.net/gpt/ Frame 7894	286 KB 101 KB	72ms 44ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash 7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 01 Apr 2021 08:39:48 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 103004 x-xss-protection 0 expires Sun, 04 Apr 2021 21:29:56 GMT
GET H2	200	pxl.jpg adpatrof.com/ Frame E211	597 B 830 B	48ms 47ms	Image image/jpeg	13.226.159.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adpatrof.com/pxl.jpg?i=luc8kp3c2wcmn47n3xzj&s=782&p=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&rstk=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi%24https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F2006%2Fad274029466c5257.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&h=3291321617571796133 Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-9.dus51.r.cloudfront.net Software / Resource Hash af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT via 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-C1 content-length 597 x-amz-cf-id CcdmVeivi72EHqtHNOlZ_JsmtiZS4YgQcMsNPDNh-4oXueUGaDYLDg== x-cache Miss from cloudfront content-type image/jpeg; charset=UTF-8
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 45EC	302 KB 88 KB	35ms 34ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=0692201617571795929 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=STM9IV9zDJPSA3lPFInApd1q0yZ123E8WKNOE9GBE%2BlY9a5PgzCHr8uZew6OhcSRqVmSfjN96wdTv60vNBkhfx2srXRuecgUhlnAP6UBgrQfvTXgngZ9nu2Q"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ecb50000c29fb602a000000001 cf-ray 63ada28deebec29f-FRA
GET H2	200	prebid.3-25.js Show response projectagora.net/libs/prebidv3/ Frame F5B4	363 KB 104 KB	56ms 34ms	Script application/javascript	2606:4700:3032::ac43:9028 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagora.net/libs/prebidv3/prebid.3-25.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13649e86c57b7a7d0c4c09829cd7d0f712150630f8269cae779e50cd6e650b90 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 1302 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 6D986B55663EEBF3 x-amz-id-2 ZhEiJOSoqiVZrX4wxw8sIKmhRs9/fBzKhQKpIUcozojKoLGYPxcreZbT4qPKiESDAw6Bn5s30vk= last-modified Mon, 25 Jan 2021 09:50:58 GMT server cloudflare etag W/"6d6061f12d5d98b0f63e4b52058a31b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OF34WAyXMQ57G0fn0GaG2n0vpm%2F4xTCS6t8iYMVewZAy%2B63SLt4BmfNoGPIpM1hUPBMAuDsFCLF87rf%2BYCD3KyhlQ6Ybx8A8LgzJ%2FylJfBQLBR0XfuWNefuKnD3P"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=14400 cf-request-id 094063ecd00000c2dbcb359000000001 cf-ray 63ada28e1eabc2db-FRA
GET H2	200	async.js Show response cdn.adtrue.com/rtb/ Frame C215	7 KB 3 KB	39ms 13ms	Script application/x-javascript	2606:4700:10::6816:3181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/async.js Requested by Host: adpatrof.com URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a9&cb=7617191617571795930 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 16 Nov 2020 01:20:45 GMT server cloudflare age 12081214 etag W/"5fb1d3ed-1c9f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31104000 cf-ray 63ada28e2b5c4e0d-FRA cf-request-id 094063ecd800004e0d51160000000001 expires Thu, 11 Nov 2021 01:36:22 GMT
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 837B	302 KB 88 KB	34ms 34ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560013&cb=3772301617571795934 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GE2jQdwParxko7DpnFpzJJzxKXiUdovS64KHNBeXFGAlI1kpraH9mBI0c%2FZey%2B2WmUd1LAX5y7YmYa%2FAkfSE%2BizxZtywVYr0lL4DzW%2BikzW0GKQywd4HsxJO"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ecc20000c29f1fba1000000001 cf-ray 63ada28e0ed4c29f-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 8F50	302 KB 88 KB	29ms 29ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c453&cb=9358871617571795931 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2162 content-type application/javascript x-amz-request-id 9Y8FFSFYNCFVKG4W x-amz-id-2 ZIEnlR2uRhqCrkFfkAr1Rgkcn73IMsFPoWCmH30Bvz5uLUOlQgD6TL6xLO89pyRolHlo+CTzgIw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QTIpIyNwFuhif6HY4asv2%2BZAf8q0p1kLPDrWq5HSNhg%2FU%2B7M%2FWm6FrfgGmfzQk%2BJRnq4Wz2zZJCHkRxOENtNHD1vBeX4Bf1SQRuLMKAwkF97JSLjB707jU7Q"}],"max_age":604800} x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cache-control max-age=14400 cf-request-id 094063ecc50000c29f32b36000000001 cf-ray 63ada28e0edac29f-FRA
GET H2	200	impress Show response exchange.adtrue.com/delivery/ Frame B496	4 KB 4 KB	564ms 183ms	Script application/javascript	34.218.167.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=3937588534&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/ Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.218.167.58 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-218-167-58.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 31c4237cd2191b66addf7f15d38aa1ad2c0c2953bd27b72e49f2a4fcd0423b70 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT server nginx x-adtrue-instance java2 content-length 3635 content-type application/javascript
GET H2	200	/ cm.steepto.com/setmuidn/ Frame AC89	0 314 B	204ms 169ms	Image image/gif	104.19.137.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.steepto.com/setmuidn/?muidf=l34Tty4drgte Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif cf-ray 63ada28f0ba6d8b1-AMS content-length 0 cf-request-id 094063ed670000d8b1f1336000000001
GET H2	200	arj Show response projectagora-d.openx.net/w/1.0/ Frame F5B4	173 B 558 B	78ms 33ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdfiles.eu%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.2&dddid=a71b6f5e-1f4f-4c2b-80a0-5db5325b1f37&nocache=1617571796327&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C100489%2C1%2C%2C%2C&aus=728x90&divIds=19604584_dfiles.eu_ros_728x90&auid=541155472 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.205.50 / Resource Hash 51dbae83e4f0a6c437ef5bdc22dfa6c7ee9afdb9c94c348907b58a3d7bc1932f Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip server OXGW/16.205.50 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://adpatrof.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 164 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame F5B4	0 113 B	75ms 42ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://adpatrof.com date Sun, 04 Apr 2021 21:29:56 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/ Frame F5B4	0 320 B	167ms 62ms	XHR application/json	185.86.139.58 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:56 GMT p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://adpatrof.com cache-control no-cache,no-store access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame F5B4	19 B 709 B	72ms 27ms	XHR application/json	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:56 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.51:80 AN-X-Request-Uuid 8b71d0b2-144c-4bb0-9095-d606be2e5f53 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adpatrof.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.nl/adsid/ Frame 7894	107 B 799 B	72ms 19ms	Script application/javascript	2a00:1450:400c:c0a::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=adsbb.dfiles.eu Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 7894	107 B 553 B	34ms 15ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=adsbb.dfiles.eu Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 7894	43 KB 11 KB	344ms 344ms	XHR text/plain	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=781155276147613&correlator=921814325856406&output=ldjh&impl=fifs&eid=31060550%2C31060583%2C31060686%2C31060010%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=21671350435%2C728x90-dfiles.eu&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&cdm=dfiles.eu&bc=31&abxe=1&lmt=1617571796&dt=1617571796347&dlt=1617571795919&idt=415&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=306&adys=145&adks=1478207589&ucis=ilzsh3og6l1w&ifi=1&ifk=773926631&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F2006%2Fad274029466c5257.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&top=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fuie3ad9wi&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=603440258.1617571796&ga_sid=1617571796&ga_hid=237498917&ga_fc=false&fws=256&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 41512111123a68d06d115d7550c22193ffb9a55e0a8ed6f7cd4340c621911334 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10899 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsbb.dfiles.eu access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html c2bea10dda5aa8b33829d1aa17a82a12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7894	0 0	54ms 14ms	Other text/html	2a00:1450:400c:c08::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c2bea10dda5aa8b33829d1aa17a82a12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::84 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 7894	0 0	26ms 6ms	Other text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	pa_backupads_lib.js Show response projectagoralibs.com/libs/ Frame 8EE1	4 KB 2 KB	39ms 16ms	Script application/javascript	2606:4700:3034::6815:3d97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/pa_backupads_lib.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:3d97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 1474 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 9DB6F29C93290A96 x-amz-id-2 smen8jySdsd4AujDn3B4ucWjVUiGc8ht7RHzxsFJTxwWckWkguL9DrRr9SztX81tRaS79iryEvE= last-modified Tue, 27 Oct 2020 14:01:47 GMT server cloudflare etag W/"388809d00c3186d72408292dde1dfc83" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=098nvc2GANR347NHzV5z3ADu229i4yEdRD9ZdqA8ZPzF7rpHtGdGDTSJt1H479Hc7pMzyzw1o5tZB1k7a%2Fk3eNVYhWrltWFz9jxbIuZa2cf9hmOC6mg3wA0wJqO0nMc4qg%3D%3D"}]} content-type application/javascript cache-control max-age=14400 cf-request-id 094063ee300000bee288bf6000000001 cf-ray 63ada2904c9abee2-FRA
GET H/1.1	204 No Content	/ projectagora-483829-hdb.adomik.com/ Frame F5B4	0 103 B	139ms 31ms	Image text/plain	52.213.157.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiOWY5MThlMzAtM2QxNC00ODc4LTlhYzgtODE1Y2NiNDYxNDk0IiwiaG9zdG5hbWUiOiJhZHBhdHJvZi5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=9f918e30-3d14-4878-9ac8-815ccb461494&part=0&on=0 Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.157.17 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-157-17.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Date Sun, 04 Apr 2021 21:29:56 GMT Server nginx
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/ Frame 8EE1	71 KB 19 KB	68ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4a867046006fe94ac327a5f94679484209ac77cc363f92718866c462bab9ff00 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 0jDkMzB9.5OmknKU8mGe3IQ7ICm4oSt4 content-encoding gzip etag "7db23ad2c0c7a7447bc003d2324314f4" age 5535 x-cache HIT content-length 19266 x-amz-id-2 Anf8XzOI3q1hBZq2XFfJ0eg3SjqpURwzFwmBVq9N6TaC7VjdIyG61/e/tICtYD/uuqDyFmQT0N4= x-served-by cache-fra19130-FRA last-modified Sun, 04 Apr 2021 08:37:01 GMT server AmazonS3 x-timer S1617571797.601537,VS0,VE0 date Sun, 04 Apr 2021 21:29:56 GMT vary Accept-Encoding x-amz-request-id PPXD524WKPC4SXMX via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 69 x-cache-hits 2
GET H2	200	impl.20210403-1-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame 8EE1	471 KB 109 KB	22ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20210403-1-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 0ae93f672633f77e203677c8528d794b55d3ee66c42617ced3891d86f5e21398 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id qokYuYWinVJ.lB_cmLNv8lP.XqNh7J7d content-encoding br etag "c9df172987c16ea14b7176a2ea585ca3" age 17925 x-cache HIT content-length 110846 x-amz-id-2 GY1SckagYVYYCxVwEzWBQZ6JpDYRKMLLI88gWng0ajuaabMeDwgOYaIL+3TsZ/V4akMnj7Rg/nw= x-served-by cache-fra19130-FRA last-modified Sun, 04 Apr 2021 08:27:16 GMT server AmazonS3-br x-timer S1617571797.642495,VS0,VE0 date Sun, 04 Apr 2021 21:29:56 GMT vary Accept-Encoding x-amz-request-id XPBCSEPBR4KG5GBD via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript abp 94 x-cache-hits 79173
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012103020108001/ Frame F2F6	190 KB 55 KB	31ms 6ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 210461 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55046 x-xss-protection 0 server sffe date Fri, 02 Apr 2021 11:02:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "aeaf363b1ad89b36" accept-ranges bytes timing-allow-origin * expires Sat, 02 Apr 2022 11:02:15 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012103020108001/v0/ Frame F2F6	12 KB 5 KB	40ms 16ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 210461 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4548 x-xss-protection 0 server sffe date Fri, 02 Apr 2021 11:02:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "4eb73d471ab4cb2c" accept-ranges bytes timing-allow-origin * expires Sat, 02 Apr 2022 11:02:15 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012103020108001/v0/ Frame F2F6	87 KB 27 KB	43ms 18ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 210461 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27208 x-xss-protection 0 server sffe date Fri, 02 Apr 2021 11:02:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "22950e05e749846e" accept-ranges bytes timing-allow-origin * expires Sat, 02 Apr 2022 11:02:15 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012103020108001/v0/ Frame F2F6	27 KB 9 KB	40ms 16ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 210461 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9587 x-xss-protection 0 server sffe date Fri, 02 Apr 2021 11:02:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "739644f32ad1483f" accept-ranges bytes timing-allow-origin * expires Sat, 02 Apr 2022 11:02:15 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012103020108001/v0/ Frame F2F6	40 KB 13 KB	41ms 16ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 210461 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12827 x-xss-protection 0 server sffe date Fri, 02 Apr 2021 11:02:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "5cc8dcc2368726c7" accept-ranges bytes timing-allow-origin * expires Sat, 02 Apr 2022 11:02:15 GMT
GET DATA	200 OK	truncated / Frame F2F6	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 767acda5aad91e8be3e13217008c57cca927003c1953615115971e114bc63e95 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-Q050	200	12567136805527423466 tpc.googlesyndication.com/simgad/ Frame F2F6	39 KB 39 KB	29ms 14ms	Image image/png	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12567136805527423466?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnmVmolq4EUumcLzM7QGQnyK1XKTA Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f80c163d730fe4c9135b479b4c8b4f5e9054714e71f3328eaa8b172c9a1857ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 03 Apr 2021 18:35:46 GMT x-content-type-options nosniff last-modified Sat, 03 Apr 2021 16:22:52 GMT server sffe age 96850 content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39972 x-xss-protection 0 expires Sun, 03 Apr 2022 18:35:46 GMT
GET H3-Q050	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2F6	2 KB 3 KB	28ms 14ms	Image image/png	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 04 Apr 2021 08:22:57 GMT x-content-type-options nosniff server cafe age 47219 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Mon, 05 Apr 2021 08:22:57 GMT
GET H3-Q050	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2F6	295 B 748 B	28ms 13ms	Image image/png	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sat, 03 Apr 2021 23:24:51 GMT x-content-type-options nosniff server cafe age 79505 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sun, 04 Apr 2021 23:24:51 GMT
GET H3-Q050	204	l www.google.com/ads/measurement/ Frame F2F6	0 0	47ms 27ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdFR8q8y_heacvLLTUskqZ6TaHv4a0bhMzix2Kdcu2SsGQSJthL8Ue1kdykPfAIZtGI4hU Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	adview securepubads.g.doubleclick.net/pagead/ Frame F2F6	0 0	57ms 56ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CmnHM1C9qYO7uF82Q3gP23rz4Bbf_rZJigMHV4PMNsJAfEAEg1ubFWGCRhJOF_BegAdPIq_kDyAEC4AIAqAMByAMIqgTfAU_Q7NOq0FqkvoNTkX1qkfYVgF-wRkCMvA0_-5jyqOprVQdhyy1TFUXmgC1qJRwrJT2gS6IEt5_I8nasajIUGwQhXs1w6hXPjdvFTzhq-1DKNzi6QxwgpM7NT6BphonnZ1tMzfqtAtQdVK1qyucP0z6IdLxPAeASX1gG3SCTsMZCUYmJi0HUCE4h2vQduZrz7nh4Zu0zMrZ-c9OAKA0dA1qYrmXfPk3SHSGp3wejAjCCHIEqpGPXB2vrIZFLm24C5G2aHhque7OzA4TbJEwMH6EqRynh_e3oeYU3OZsG6ArABOXx0Ke6A-AEAaAGAoAHlbfUBqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDX0w_SCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTM2ODY5MDY1MjU2NjE2ODSACgPICwHYEwOyFxoKGAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mw&sigh=442yz5fYXSw&tpd=AGWhJmu4vAmJRh3ZNCcTi1oQcK-em46OkrSb4cVhmru49GlUKQ Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7894	8 KB 7 KB	38ms 18ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 13a2e571fdd19c69eb24aabde1aa4f27de9d72e4e3221e1e2fd422dbb0fcb070 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6575 x-xss-protection 0
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7894	17 KB 6 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060686 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Sun, 04 Apr 2021 21:29:56 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame F2F6 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	14ms 14ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers date Sun, 04 Apr 2021 21:29:56 GMT x-content-type-options nosniff server safe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 246 x-xss-protection 0
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2FC6	12 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsbb.dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adsbb.dfiles.eu/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Sun, 04 Apr 2021 18:12:41 GMT expires Mon, 04 Apr 2022 18:12:41 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 11835 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response pagead2.googlesyndication.com/bg/ Frame 2FC6	14 KB 6 KB	27ms 13ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 03 Apr 2021 15:18:41 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 24 Mar 2021 17:18:00 GMT server sffe age 108675 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5698 x-xss-protection 0 expires Sun, 03 Apr 2022 15:18:41 GMT
GET H2	200	prebid.js Show response cdn.adtrue.com/pb/ Frame B496	257 KB 82 KB	22ms 21ms	Script application/x-javascript	2606:4700:10::6816:3181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/pb/prebid.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=3937588534&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 21 Aug 2020 05:31:13 GMT server cloudflare age 4108911 etag W/"5f3f5c21-405dd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31104000 cf-ray 63ada29259894e0d-FRA cf-request-id 094063ef7900004e0d711f5000000001 expires Fri, 11 Feb 2022 08:08:05 GMT
GET H2	200	request Show response track.adtrue.com/track/ Frame 1781	52 B 145 B	557ms 180ms	Document text/html	35.166.115.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.adtrue.com/track/request?pzoneid=19139&domain=dfiles.eu&ref=https%3A%2F%2Fdfiles.eu%2F&loc=https%3A%2F%2Fdfiles.eu%2F Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=3937588534&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.166.115.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-166-115-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 5f6ef7df0303120469606d9f1046c0bf277731cc04239c80dfba0ea1cc341c10 Request headers :method GET :authority track.adtrue.com :scheme https :path /track/request?pzoneid=19139&domain=dfiles.eu&ref=https%3A%2F%2Fdfiles.eu%2F&loc=https%3A%2F%2Fdfiles.eu%2F pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adpatrof.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adpatrof.com/ Response headers date Sun, 04 Apr 2021 21:29:57 GMT content-type text/html content-length 52 server nginx x-host-name java4
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame B496	19 B 709 B	33ms 33ms	XHR application/json	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:56 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80 AN-X-Request-Uuid 63a4bfe1-02f0-48ce-8a18-8700cd1fdf33 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adpatrof.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	passback.js Show response cdn.adtrue.com/rtb/ Frame 5C1F	753 B 578 B	11ms 11ms	Script application/x-javascript	2606:4700:10::6816:3181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/passback.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:56 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 28 Oct 2020 03:26:52 GMT server cloudflare age 13194655 etag W/"5f98e4fc-2f1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31104000 cf-ray 63ada292ea474e0d-FRA cf-request-id 094063efd300004e0d4c83e000000001 expires Fri, 29 Oct 2021 04:19:01 GMT
GET H2	200	passback Show response exchange.adtrue.com/tag/ Frame 5C1F	553 B 743 B	184ms 184ms	Script application/javascript	34.218.167.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=19139&divid=1064591269&ref=undefined Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/rtb/passback.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.218.167.58 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-218-167-58.us-west-2.compute.amazonaws.com Software nginx / Resource Hash ccd442559cbf2ce8593193fe8d98c222381da419d86a272b17e39f4c957eb751 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:57 GMT server nginx content-length 553 content-type application/javascript
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7894	0 224 B	40ms 40ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=781155276147613&bg=!wcKlwobNAAY56aLOOek7ACkAdvg8Wu7SUhyNembZgnMJylUdbHyuDMoZq-MdTOVEA_Jllsho8p9v-QIAAAB9UgAAAAtoAQcKACjS-j_cBVBZiwSELtMZo61AhaQx5W1hr4GieQbZbQECaS76xU1MWHaPmQIN7xXWQvnZLMhT62jna-pimwddbstCNderJV724tw_88Sxsj0ERCao9r7tzUEMuuUYLM_Fgmx24T0bqbJGP7UFmTeJx2ePhyO6CoZ_rP26uQjKfvpOv8OVNsM6-ZIjXK5Oxvz-sbYJRpD7DtSPzwnyPlvvPvzhXmLvYWLNYj_J5RpbIHZZDhDE3X5vYiWaq_gd7sEnSfYt2RBRpE5JtUvUoIOj07Ti4MV4jKuMjjztCsQQepB5zgW5DN8bqH8FV415ezXbDdfvBa-frhV_8xWsAJjC2xZuVfgKxfRU2tguvk92ZowD2olbohi5OgjgovGvKPt4huUxQh14zBwNyTuJLSfq7I2Tq935ZHkBRl-WAdY-ZUy1nVbGfXsWe6GKxoPPV7nJa_Pk_GaNhLSpG6lGVvMub7475BCsMQP_BIiqqSi5TrOaA5W-3NLrmrUUPx7YhTATsvv8uy1hNCdmsKolxG3q70EsqHlJtlFWdmMoC52gpMd-MriQIHDlDmBxPUrcMbRc1NA49G_eKZzV1jroMJoE6_ayg8TDiNdYuxtaAWSwIIcCZwNql6uvQwP4HTUOM-l3KRzWVJHfBG3l-iSUOJeNF1zgDpVDd97ACGlU7fY0BGaFa-ZDuk86OKop6M7rRNM4UrzO2NvIfcCxS4_3YlY-cJYqqB6NCznk5on4meO08zjqhcsn6U3c5WmT Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	passback Show response track.adtrue.com/track/ Frame 38FB	0 64 B	263ms 181ms	Document text/plain	35.166.115.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.adtrue.com/track/passback?pzoneid=19139 Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=19139&divid=1064591269&ref=undefined Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.166.115.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-166-115-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :method GET :authority track.adtrue.com :scheme https :path /track/passback?pzoneid=19139 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adpatrof.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adpatrof.com/ Response headers date Sun, 04 Apr 2021 21:29:57 GMT content-length 0 server nginx x-host-name java1
GET H2	200	world-health-day.gif cdn-adtrue.com/statics/images/psa/ Frame 5C1F	26 KB 27 KB	34ms 13ms	Image image/gif	2606:4700:e2::ac40:860e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adtrue.com/statics/images/psa/world-health-day.gif Requested by Host: adpatrof.com URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a9&cb=7617191617571795930 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:860e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53bfa8917121f9afec4c3c0a3ff270c81a8d90116c720adc7dcbfc9c7fc497ae Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:57 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 12932587 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26616 cf-request-id 094063f0b100004dbe562be000000001 last-modified Thu, 25 Jun 2020 02:50:22 GMT server cloudflare etag "5ef410ee-67f8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U5hf5uhh5NJJCgmR0oGyjnijEoSih6noqnswheDmZVmcOKzaxw%2F7Fwu6jymAtB1RvWmh3WtH8D8%2F7%2BxC56hTffrPDLnQlDjNW5k0MN%2F2CcQ47Oh481LE9X5a1Q%3D%3D"}],"max_age":604800} content-type image/gif cache-control max-age=31104000 accept-ranges bytes cf-ray 63ada2944f814dbe-FRA expires Mon, 01 Nov 2021 05:06:50 GMT
GET H2	200	json Show response trc.taboola.com/dfiles728x90gr-r19604584/trc/3/ Frame 8EE1	8 KB 4 KB	152ms 105ms	XHR application/javascript	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/dfiles728x90gr-r19604584/trc/3/json?tim=23%3A29%3A57.205&lti=deflated&data=%7B%22id%22%3A246%2C%22ii%22%3A%22%2Fusync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1617525417892%2C%22vi%22%3A1617571797203%2C%22cv%22%3A%2220210403-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadpatrof.com%2Fusync%3Fi%3Dluc8kp3c2wcmn47n3xzj%26a%3D715abbf33c9d0e6ddb68a766cd2d39437%26cb%3D0254171617571795925%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22qs%22%3A%22%3Fi%3Dluc8kp3c2wcmn47n3xzj%26a%3D715abbf33c9d0e6ddb68a766cd2d39437%26cb%3D0254171617571795925%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2219604584%22%2C%22orig_uip%22%3A%2219604584%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210403-1-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 40e5b9a84db6ee251d6d70313c0a3505c87ae63643f90d82274dab567fa797a0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers x-vcl-time-ms 84 date Sun, 04 Apr 2021 21:29:57 GMT content-encoding gzip server nginx x-timer S1617571797.264899,VS0,VE84 x-served-by cache-hhn11531-HHN vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://adpatrof.com access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
GET H2	200	c c.adskeeper.co.uk/ Frame AC89	43 B 450 B	106ms 106ms	Image image/gif	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.adskeeper.co.uk/c?f=1&pv=3&v=240|240|12|Yn9vAvBkO2ibs6rylPIkkO2cc5vtIcAOjS64ym-eUdJw2Ic03ObYeJrL-yBJuRzw&fw=1&extjs=66044&v=240|240|12|Yn9vAvBkO2ibs6rylPIkkPMXtzDu5cPWAy7M2s03K2kgckJVWPtO0LCxnY2DqPlN&v=240|240|12|Yn9vAvBkO2ibs6rylPIkkAyTLjJM0opF7GHR6N70-LQgYZYMm-puUxNYmvmoMcCS&cid=828725&h2=tmW5e_Mo1OmtR0hcrE3R1p0E8tuL9qrv4pLwBcxucfc*&rid=e67d1200-958c-11eb-bafe-d094662f8ab5&tt=Direct&iv=11&pageImp=1&cbuster=1617571797355444220185&tpl=0 Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:57 GMT cf-cache-status DYNAMIC x-mg-request-uuid ffe4a87d-87d1-4d30-b942-de97f6c391c1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 63ada2958b62c78d-AMS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094063f1750000c78de4bd4000000001 server cloudflare
GET H2	200	cta-branding.js Show response cdn.taboola.com/demand-formats/cta-branding/ Frame 8EE1	13 KB 5 KB	23ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210403-1-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 78aES2K9e_BQ1VejaFN0QXuuayHCrT6B content-encoding gzip etag "1da06556d096c84420c24cf4a174b8a5" age 13541 x-cache HIT x-amz-replication-status PENDING content-length 4389 x-amz-id-2 A6oFNJBTuAIg0W4OW+iYyDmCfnDWBJCiyuPOXsgsx0oD8GygdRI1oQQQr2Ef9a18FqtOUyoZadE= x-served-by cache-fra19130-FRA last-modified Wed, 31 Mar 2021 09:42:57 GMT server AmazonS3 x-timer S1617571797.376108,VS0,VE0 date Sun, 04 Apr 2021 21:29:57 GMT vary Accept-Encoding x-amz-request-id 341Z0AMRAM6ZJZ2G via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript abp 94 x-cache-hits 108185
GET H2	200	cta-branding.css cdn.taboola.com/demand-formats/cta-branding/ Frame 8EE1	3 KB 1 KB	22ms 22ms	Stylesheet text/css	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210403-1-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id FyU75WazRsiEew8mV1P.ejYIF3IEfCEj content-encoding gzip etag "fa3c5d1be5ff23d2bbc39878e37cc0ec" age 860 x-cache HIT x-amz-replication-status PENDING content-length 749 x-amz-id-2 1I/L+AiRXIfkyPP3JvgAzpIOn2hbxJyWkgGqk2v091V9V0QDWMmo3vnbV9T/UJGaDerlVZftXN4= x-served-by cache-fra19130-FRA last-modified Wed, 17 Mar 2021 13:13:46 GMT server AmazonS3 x-timer S1617571797.376070,VS0,VE0 date Sun, 04 Apr 2021 21:29:57 GMT vary Accept-Encoding x-amz-request-id S947MPC9C9C9NDWK via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type text/css abp 94 x-cache-hits 6440
GET H2	200	tfa-eid.20210403-1-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame 8EE1	13 KB 5 KB	23ms 23ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/tfa-eid.20210403-1-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5cd627b679ea6a2c9d4fa9ea837421fc6479af0b5af05746428c75fb721a1bcb Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id yUv7ASC7xO.idwoatLhJ0uqF2OYJEJ_5 content-encoding gzip etag "bc4a311ac142ce3bb681a8b118d718bc" age 25776 x-cache HIT x-amz-replication-status PENDING content-length 4856 x-amz-id-2 j9dT+qC5/UJ12x7Hv3LS8bVuXe/QbXkdgHzkhQKHymc6yofhZOR7Pxzb4HuLNAjC4DCAmKSAyA8= x-served-by cache-fra19130-FRA last-modified Sun, 04 Apr 2021 14:20:18 GMT server AmazonS3 x-timer S1617571797.377374,VS0,VE0 date Sun, 04 Apr 2021 21:29:57 GMT vary Accept-Encoding x-amz-request-id JM1KM7RXFZ140P7C via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 94 x-cache-hits 284883
GET H2	200	sha256.20210403-1-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame 8EE1	6 KB 3 KB	23ms 23ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/sha256.20210403-1-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 28e8b7b75a5569e08856e49d480a2204ffd4766edbf2cd4a704bdc6cd646d909 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id dCrFqV0wKYCbpknxfcIkICZD8sMcNckd content-encoding gzip etag "7840f50989432a74f89f5f62cdc2efe8" age 25767 x-cache HIT x-amz-replication-status PENDING content-length 2595 x-amz-id-2 HJUICTJccJerC6L4jEhGP2Ioonvbi70mLwBidOd12Pp6puslFx9H9hQXAqBw9NKy7eTkvCnIIes= x-served-by cache-fra19130-FRA last-modified Sun, 04 Apr 2021 14:20:27 GMT server AmazonS3 x-timer S1617571797.377493,VS0,VE0 date Sun, 04 Apr 2021 21:29:57 GMT vary Accept-Encoding x-amz-request-id GHJHDSV49DNAZJMX via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 94 x-cache-hits 265156
GET H2	200	userx.20210403-1-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame 8EE1	23 KB 8 KB	23ms 23ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/userx.20210403-1-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e421ac705fe0fc449546502efa3727f46ac8ba01bd120347732c98133a012d85 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id K3lYOJj9MyzP1IQMe8uq8yuGkQa68WiE content-encoding gzip etag "99b0db700db8973ac300d7fb87fdfdb3" age 25664 x-cache HIT x-amz-replication-status COMPLETED content-length 7855 x-amz-id-2 3JiDnf5JocRh+f4pj28GWuCMYxX+Ys0k/NmQNLWHZWa9G5TgFKx7gFEzeK6M4xWT+6tfchyA5os= x-served-by cache-fra19130-FRA last-modified Sun, 04 Apr 2021 14:20:13 GMT server AmazonS3 x-timer S1617571797.388105,VS0,VE0 date Sun, 04 Apr 2021 21:29:57 GMT vary Accept-Encoding x-amz-request-id EPCRBZDFX8Z71W4N via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 94 x-cache-hits 74350
GET H2	200	125058ef790b32530cec26facd888612.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8EE1	2 KB 2 KB	26ms 24ms	Image image/jpeg	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/125058ef790b32530cec26facd888612.jpg Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 10d83eeb30d3a8a4e2f8159c0016c0e8aec9e55b60ffde64d9cc9a63a3eae25b Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 04 Apr 2021 21:29:57 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 951973 edge-cache-tag 558582940518588916159690723169360561113,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/125058ef790b32530cec26facd888612.jpg content-length 1750 x-request-id 32c99d4926e41471e198e94ccb1aa1b5 x-backend-name CLOUDINARY:fastlyshield--shield_cache_dca17776_DCA last-modified Wed, 24 Mar 2021 14:22:19 GMT server cloudinary x-timer S1617571797.400520,VS0,VE1 etag "593f27070c43058bbc67a34ea35bf029" x-served-by cache-wdc5538-WDC, cache-dca17776-DCA, cache-fra19130-FRA vary ImageFormat content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 1
GET H2	200	1005345632__NmK8RESZ.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/ Frame 8EE1	1 KB 2 KB	25ms 23ms	Image image/jpeg	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1005345632__NmK8RESZ.jpg Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 6b1ab4c82e3c87a487725c2c2822edc2ee56f7189065e062ab4850e2a7ef3e1a Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 04 Apr 2021 21:29:57 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 3236707 edge-cache-tag 456925399359866088034905605077071228128,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 expiration expiry-date="Sat, 27 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1005345632__NmK8RESZ.jpg content-length 1253 x-served-by cache-dca17729-DCA, cache-dca12921-DCA, cache-fra19130-FRA x-backend-name fastlyshield--shield_cache_dca12921_DCA last-modified Wed, 27 Jan 2021 17:15:42 GMT server cloudinary x-timer S1617571797.400477,VS0,VE1 etag "6061ecd8b6d4f864027e85c149e52bee" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 1
GET H2	200	095db29276df005e6a62ff2359bba5e7.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8EE1	6 KB 6 KB	25ms 24ms	Image image/jpeg	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095db29276df005e6a62ff2359bba5e7.jpg Requested by Host: dfiles.eu URL: https://dfiles.eu/files/uie3ad9wi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash aadb8511bcec56d51bb14312a4c8c1c38512faa1a542238f80ebf1c40b5f13cb Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 04 Apr 2021 21:29:57 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 2917729 edge-cache-tag 455988511637011803145539331977134396297,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 expiration expiry-date="Sun, 21 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095db29276df005e6a62ff2359bba5e7.jpg content-length 5689 x-served-by cache-dca17778-DCA, cache-dca17722-DCA, cache-fra19130-FRA x-backend-name fastlyshield--shield_cache_dca17722_DCA last-modified Thu, 18 Feb 2021 09:27:08 GMT server cloudinary x-timer S1617571797.400466,VS0,VE1 etag "90c352af0f9d215dc1a7eb0796352e1f" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 1
GET H2	200	ga.js Show response cdn-adtrue.com/track/ Frame 1781	502 B 725 B	11ms 11ms	Script application/x-javascript	2606:4700:e2::ac40:860e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-adtrue.com/track/ga.js Requested by Host: track.adtrue.com URL: https://track.adtrue.com/track/request?pzoneid=19139&domain=dfiles.eu&ref=https%3A%2F%2Fdfiles.eu%2F&loc=https%3A%2F%2Fdfiles.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:860e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff Request headers Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:57 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 210393 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094063f1a700004dbe73362000000001 last-modified Fri, 02 Apr 2021 11:02:09 GMT server cloudflare etag W/"6066f9b1-1f6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rghxNd31wEzMXlThMI%2F%2BmazKx%2Fkh54fC5OOtSn%2FeF459A2cljXtYitm0ICpRmZau4xrVNvoyuZIt8VLhprTdwvl%2BGZpJZT0R8gCrgoeirZ4imqFruL7RiuHM7w%3D%3D"}],"max_age":604800} content-type application/x-javascript cache-control max-age=31104000 cf-ray 63ada295d9934dbe-FRA expires Mon, 28 Mar 2022 11:03:24 GMT
GET H2	200	125058ef790b32530cec26facd888612.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8EE1	1 KB 2 KB	24ms 23ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/125058ef790b32530cec26facd888612.jpg Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 870b5b49ca0f6ccc4ebc1fd105b5930415db2ae8b98913450c62ac6c51ad3ac3 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Sun, 04 Apr 2021 21:29:57 GMT via 1.1 varnish, 1.1 varnish age 288466 edge-cache-tag 558582940518588916159690723169360561113,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-ratelimit-remaining 100 x-cache HIT, MISS, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/125058ef790b32530cec26facd888612.jpg content-length 1146 x-request-id b6647a97e5a474449febb02a66521e38 x-backend-name CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801 last-modified Wed, 24 Mar 2021 21:03:45 GMT server nginx x-timer S1617571797.430678,VS0,VE1 etag "593f27070c43058bbc67a34ea35bf029" x-served-by cache-wdc5545-WDC, cache-dca17775-DCA, cache-fra19130-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 0, 1
GET H2	200	1005345632__NmK8RESZ.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/ Frame 8EE1	1 KB 2 KB	22ms 21ms	Image image/jpeg	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1005345632__NmK8RESZ.jpg Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 6b1ab4c82e3c87a487725c2c2822edc2ee56f7189065e062ab4850e2a7ef3e1a Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 0 date Sun, 04 Apr 2021 21:29:57 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 3236707 edge-cache-tag 456925399359866088034905605077071228128,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 expiration expiry-date="Sat, 27 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/EYM/1005345632__NmK8RESZ.jpg content-length 1253 x-served-by cache-dca17729-DCA, cache-dca12921-DCA, cache-fra19130-FRA x-backend-name fastlyshield--shield_cache_dca12921_DCA last-modified Wed, 27 Jan 2021 17:15:42 GMT server cloudinary x-timer S1617571797.430834,VS0,VE0 etag "6061ecd8b6d4f864027e85c149e52bee" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 2
GET H2	200	095db29276df005e6a62ff2359bba5e7.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8EE1	6 KB 6 KB	22ms 22ms	Image image/jpeg	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095db29276df005e6a62ff2359bba5e7.jpg Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash aadb8511bcec56d51bb14312a4c8c1c38512faa1a542238f80ebf1c40b5f13cb Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 0 date Sun, 04 Apr 2021 21:29:57 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 2917729 edge-cache-tag 455988511637011803145539331977134396297,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 expiration expiry-date="Sun, 21 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095db29276df005e6a62ff2359bba5e7.jpg content-length 5689 x-served-by cache-dca17778-DCA, cache-dca17722-DCA, cache-fra19130-FRA x-backend-name fastlyshield--shield_cache_dca17722_DCA last-modified Thu, 18 Feb 2021 09:27:08 GMT server cloudinary x-timer S1617571797.430905,VS0,VE0 etag "90c352af0f9d215dc1a7eb0796352e1f" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 2
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 1781	82 KB 32 KB	15ms 14ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST Requested by Host: cdn-adtrue.com URL: https://cdn-adtrue.com/track/ga.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 506611d8c12a0b6d65a87f03589db3ef20074d64bca67b5b02a51763b184357d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:57 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32654 x-xss-protection 0 last-modified Sun, 04 Apr 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 04 Apr 2021 21:29:57 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/ Frame 1781	128 KB 50 KB	42ms 28ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f838ea58b74e14f1fb89249e9381be144e6d3efb4985beddee5b8b9e73f07ca0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:57 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50302 x-xss-protection 0 expires Sun, 04 Apr 2021 21:29:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 1781	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://track.adtrue.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 19 Mar 2021 19:22:18 GMT server Golfe2 age 4732 date Sun, 04 Apr 2021 20:11:05 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19463 expires Sun, 04 Apr 2021 22:11:05 GMT
GET H3-Q050	200	adview securepubads.g.doubleclick.net/pagead/ Frame F2F6	0 0	56ms 56ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C4NNO1C9qYO7uF82Q3gP23rz4Bbf_rZJigMHV4PMNsJAfEAEg1ubFWGCRhJOF_BegAdPIq_kDyAEC4AIAqAMBqgTfAU_Q7NOq0FqkvoNTkX1qkfYVgF-wRkCMvA0_-5jyqOprVQdhyy1TFUXmgC1qJRwrJT2gS6IEt5_I8nasajIUGwQhXs1w6hXPjdvFTzhq-1DKNzi6QxwgpM7NT6BphonnZ1tMzfqtAtQdVK1qyucP0z6IdLxPAeASX1gG3SCTsMZCUYmJi0HUCE4h2vQduZrz7nh4Zu0zMrZ-c9OAKA0dA1qYrmXfPk3SHSGp3wejAjCCHIEqpGPXB2vrIZFLm24C5G2aHhque7OzA4TbJEwMH6EqRynh_e3oeYU3OZsG6ArABOXx0Ke6A-AEAaAGAoAHlbfUBqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDX0w_SCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTM2ODY5MDY1MjU2NjE2ODSACgPICwHYEwOyFxoKGAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mw&sigh=R58ZGHJ7Pco&vt=1 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	activeview pagead2.googlesyndication.com/pcs/ Frame F2F6	42 B 71 B	41ms 40ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstr1muypy7zOrCi-RzGdsCi2lpqfGojFXKOfWTREY4WOerJZGPnmPuNoJ9IuWdeCngQiiV27tXepCgzFImvfeHeZLK8ivmvLOZ-F7PwHXkXgggt5unDEw8h3n5A1Q&sai=AMfl-YQyuuijknLackNuw_BunptEY89ZBTqVKggogVDNDwEjeJcswg4SI3yozCiPndGFbTsdOD7p6Inr9HjofN8nc2LYVcxYyaGDevSjgr_8QWxIo7Y2qAulTTW26oPBgVhr&sig=Cg0ArKJSzPL2F-9aJ0yNEAE&cid=CAASPeRoN2nxAxbor2JWaiBcweq_3dZIpo8jbMgZ_A3-WtJAwtfQ7m2q9gkgXB_7_GAOEAOxHSiVPZZWCwCBuvQ&id=ampim&o=306,145&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=150&tls=1151&g=100&h=100&tt=1151&r=v&avms=ampa&adk=1478207589 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	bulk Show response trc.taboola.com/dfiles728x90gr-r19604584/log/3/ Frame 8EE1	0 111 B	32ms 31ms	XHR image/gif	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/dfiles728x90gr-r19604584/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1 Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210403-1-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-vcl-time-ms 9 pragma no-cache date Sun, 04 Apr 2021 21:29:58 GMT via 1.1 varnish server nginx x-timer S1617571798.397699,VS0,VE9 x-served-by cache-hhn11531-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://adpatrof.com cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
POST H2	204	visible Show response trc.taboola.com/dfiles728x90gr-r19604584/log/3/ Frame 8EE1	0 56 B	34ms 34ms	XHR image/gif	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/dfiles728x90gr-r19604584/log/3/visible?route=AM%3AAM%3AV&lti=deflated Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210403-1-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-vcl-time-ms 9 pragma no-cache date Sun, 04 Apr 2021 21:29:58 GMT via 1.1 varnish server nginx x-timer S1617571798.399661,VS0,VE9 x-served-by cache-hhn11531-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://adpatrof.com cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	200	f539211219b796ffbb49949997c764f0.png cdn.taboola.com/libtrc/static/thumbnails/ Frame 8EE1	254 B 754 B	22ms 21ms	Image image/png	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png Requested by Host: adpatrof.com URL: https://adpatrof.com/usync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39437&cb=0254171617571795925 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC via 1.1 varnish etag "dfa7b52c86e56bd67fa4002f6ed19854" age 5516 x-cache HIT x-amz-replication-status COMPLETED content-length 254 x-amz-id-2 Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4= x-served-by cache-fra19130-FRA last-modified Wed, 24 Jun 2015 07:14:11 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567 x-timer S1617571798.418285,VS0,VE0 date Sun, 04 Apr 2021 21:29:58 GMT x-amz-request-id F6D91014AAA6CDC4 cache-control private,max-age=31536000 accept-ranges bytes content-type image/png abp 94 x-cache-hits 3524
GET H2	200	rtb-h match.taboola.com/sg/mediaforcebidder-network/1/ Frame 113A Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=taboola https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6e6631a7-800d-4806-8029-f456b01be9ac https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6e6631a7-800d-4806-8029-f456b01be9ac&tbid=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557&query=taboola_hm%3D6e6631a7-800d-...	0 90 B	35ms 32ms	Image text/plain	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6e6631a7-800d-4806-8029-f456b01be9ac&tbid=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557&query=taboola_hm%3D6e6631a7-800d-4806-8029-f456b01be9ac&isDirect=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:59 GMT via 1.1 varnish server nginx x-timer S1617571800.525325,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-fra19130-FRA Redirect headers location https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6e6631a7-800d-4806-8029-f456b01be9ac&tbid=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557&query=taboola_hm%3D6e6631a7-800d-4806-8029-f456b01be9ac&isDirect=0 tbl-x-upstream 10.41.34.222:10213 date Sun, 04 Apr 2021 21:29:59 GMT server nginx x-fastly-to-nlb-rtt 1991
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame 113A	0 239 B	93ms 22ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=16698 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 66ef90d06496cfd000aab8206f2b6221 Content-Type image/gif
GET H2	204	/ sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 113A Redirect Chain https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=VoBJXyroXnfC&ev=1&orig=trc&pid=562107	0 217 B	15ms 15ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=VoBJXyroXnfC&ev=1&orig=trc&pid=562107 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.40.0.175:10213 date Sun, 04 Apr 2021 21:29:59 GMT server nginx x-fastly-to-nlb-rtt 1989 Redirect headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" content-language en-US location https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=VoBJXyroXnfC&ev=1&orig=trc&pid=562107 cache-control private, max-age=0, no-cache, no-store cw-server bh-deployment-7c488d4f5b-hlpqn expires -1
GET H/1.1	200 OK	getuidnb ib.adnxs.com/ Frame 113A	43 B 692 B	25ms 21ms	Image image/gif	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:59 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.54:80 AN-X-Request-Uuid 5c21527f-7e2a-4db0-983a-d44e7c3b21c6 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ trc.taboola.com/sg/google-network/1/rtb-h/ Frame 113A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKTbOatSTSL3x1lYdfp7SDI&google_cver=1	0 205 B	30ms 30ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKTbOatSTSL3x1lYdfp7SDI&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 8 date Sun, 04 Apr 2021 21:29:59 GMT via 1.1 varnish server nginx x-timer S1617571799.465488,VS0,VE8 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11531-HHN Redirect headers pragma no-cache date Sun, 04 Apr 2021 21:29:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKTbOatSTSL3x1lYdfp7SDI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame 113A	42 B 805 B	93ms 22ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555:$UID Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:59 GMT X-lat lhrpug015:0:858 Server nginx P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif; charset=utf-8 Content-Length 42
GET H2	200	pixel cm.g.doubleclick.net/ Frame 113A Redirect Chain https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557	170 B 243 B	30ms 30ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:59 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=75ab7515-419e-443d-9a57-b830b8ac0b1f-tuct763b557 tbl-x-upstream 10.40.0.175:10213 date Sun, 04 Apr 2021 21:29:59 GMT server nginx x-fastly-to-nlb-rtt 1992
GET H2	200	/ trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 113A Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=36174443-1bf9-49f7-99f8-b932ac6682ab	0 55 B	30ms 30ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=36174443-1bf9-49f7-99f8-b932ac6682ab Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 date Sun, 04 Apr 2021 21:29:59 GMT via 1.1 varnish server nginx x-timer S1617571800.515778,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11531-HHN Redirect headers pragma no-cache date Sun, 04 Apr 2021 21:29:59 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=36174443-1bf9-49f7-99f8-b932ac6682ab cache-control private,no-cache, must-revalidate content-type text/html content-length 239
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame 113A Redirect Chain https://ce.lijit.com/merge?pid=42&3pid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&us_privacy=&gdpr=0&gdpr_consent= https://ce.lijit.com/merge?pid=42&3pid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&us_privacy=&gdpr=0&gdpr_consent=&dnr=1	0 433 B	17ms 17ms	Image text/plain	72.251.249.14 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=42&3pid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&us_privacy=&gdpr=0&gdpr_consent=&dnr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:59 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap1ams1 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:59 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=42&3pid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&us_privacy=&gdpr=0&gdpr_consent=&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap1ams1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	rtset bh.contextweb.com/bh/ Frame 113A	49 B 406 B	297ms 97ms	Image image/gif	198.148.27.140 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-US p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-7c488d4f5b-vrh5b expires -1
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 113A	43 B 697 B	134ms 83ms	Image image/gif	185.86.138.144 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:58 GMT cache-control no-cache,no-store content-type image/gif transfer-encoding chunked p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H/1.1	200 OK	sync dsp.adkernel.com/ Frame 113A	42 B 233 B	291ms 96ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:29:59 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H2	204	put e1.emxdgt.com/ Frame 113A	0 59 B	128ms 36ms	Image text/html	18.195.155.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d41&uid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 04 Apr 2021 21:29:59 GMT content-length 0 content-type text/html
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 113A Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f9d772d6-5895-4a00-85ba-a8874402c59a	0 226 B	17ms 15ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f9d772d6-5895-4a00-85ba-a8874402c59a Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.40.0.175:10213 date Sun, 04 Apr 2021 21:29:59 GMT server nginx x-fastly-to-nlb-rtt 1992 Redirect headers pragma no-cache x-errorlevel 0 server Microsoft-IIS/10.0 date Sun, 04 Apr 2021 21:29:59 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=f9d772d6-5895-4a00-85ba-a8874402c59a cache-control no-cache server-processing-duration-in-ticks 3108 content-type text/html; charset=utf-8 content-length 222 expires Sun, 04 Apr 2021 00:00:00 GMT
GET		check pixel.tapad.com/idsync/ex/push/ Frame 113A Redirect Chain https://id5-sync.com/s/464/9.gif?puid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D... https://id5-sync.com/c/464/464/7/1.gif?puid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&gdpr=1&gdpr_consent= https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOILLmwh9vhbF4F9gcumXnztjMejCCymq0NgiDgA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D... https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOILLmwh9vhbF4F9gcumXnztjMejCCymq0NgiDgA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp... https://id5-sync.com/cq/464/124/6/2.gif?puid=201deec2-f4f8-41b0-8a4c-75e44c8ddc4d&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi... https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103... https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGqUogOG1VKoEAiBPmwJrzQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv... https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEGqUogOG1VKoEAiBPmwJr... https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=451859191129143089&opid=apx&ops=&utidl=tech:goo:CAESEGqUogOG1VKoEAiBPmwJrzQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aW... https://id5-sync.com/qp/18.gif?puid=vec%3A16707669626&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://id5-sync.com/c/464/19/4/4.gif?puid=fa04af9608c27b20c382abbf91a99e4a&gdpr=1&gdpr_consent= https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/101/3/5.gif?puid=69f1587b-b390-4795-8652-4fd0569d74b4&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...	0 0
GET H2	204	rtb-h sync.taboola.com/sg/appierrtb-network/1/ Frame 113A Redirect Chain https://s.c.appier.net/taboola https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Br-awSMfDmewXqPY1y9qYA	0 217 B	18ms 18ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Br-awSMfDmewXqPY1y9qYA Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.40.0.195:10213 date Sun, 04 Apr 2021 21:30:00 GMT server nginx x-fastly-to-nlb-rtt 1993 Redirect headers location https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Br-awSMfDmewXqPY1y9qYA date Sun, 04 Apr 2021 21:29:59 GMT cache-control no-store server nginx content-type text/html; charset=utf-8 content-length 110 p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame 113A	35 B 380 B	393ms 99ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-ServerName Track002-dc3 Pragma no-cache Date Sun, 04 Apr 2021 21:29:21 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H/1.1	204 No Content	/ cds.taboola.com/ Frame 113A	0 155 B	265ms 87ms	Image text/plain	141.226.224.32 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cds.taboola.com/?uid=251bbe3f-425c-4c3b-9408-a29094b93b97-tuct763b555&_r=272463 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 04 Apr 2021 21:29:59 GMT Cache-Control no-store Server nginx Connection close
GET H2	200	rtb-h sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 113A Redirect Chain https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827869997527847&expires=30&ssp=taboola https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a82d666d-1e64-492b-b8c7-117c0fe33107	0 226 B	15ms 15ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a82d666d-1e64-492b-b8c7-117c0fe33107 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.40.0.175:10213 date Sun, 04 Apr 2021 21:29:59 GMT server nginx x-fastly-to-nlb-rtt 1990 Redirect headers location //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a82d666d-1e64-492b-b8c7-117c0fe33107 date Sun, 04 Apr 2021 21:29:59 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	204 No Content	ImgSync image8.pubmatic.com/AdServer/ Frame F5B4 Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTAyREZBMEMtNzMwRS00N0YzLUE2MTUtRTBDOTQwMzM3NjRC&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=	0 507 B	15ms 14ms	Image text/plain	185.64.189.216 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 04 Apr 2021 21:29:57 GMT P3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Sun, 04 Apr 2021 21:29:59 GMT X-lat lhrpug019:0:383 Server nginx Transfer-Encoding chunked P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Location https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Connection keep-alive
GET H2	200	sd us-u.openx.net/w/1.0/ Frame F5B4 Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOqM2LhatQOXkir4TKs418U&google_cver=1	43 B 114 B	22ms 21ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOqM2LhatQOXkir4TKs418U&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.205.50 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 04 Apr 2021 21:29:59 GMT via 1.1 google server OXGW/16.205.50 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Sun, 04 Apr 2021 21:29:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOqM2LhatQOXkir4TKs418U&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame C959	52 KB 17 KB	78ms 32ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://adpatrof.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adpatrof.com/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Sun, 04 Apr 2021 05:51:42 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Sun, 04 Apr 2021 21:30:00 GMT Age 56298 X-Served-By cache-lga21943-LGA, cache-fra19172-FRA X-Cache HIT, HIT X-Cache-Hits 1, 419027 X-Timer S1617571800.005996,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame C959 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 819 B	41ms 21ms	Script text/html	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:30:00 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80 AN-X-Request-Uuid f2f7c417-c865-45ae-a5a1-3e26b3051f95 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sun, 04 Apr 2021 21:30:00 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.102:80 AN-X-Request-Uuid bab62647-b4ea-43a5-8433-52b86f424135 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame C959	0 747 B	22ms 21ms	Script text/html	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 04 Apr 2021 21:30:01 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.144:80 AN-X-Request-Uuid 2b6d2e4a-4817-4e43-b250-6bf29adca183 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pixel.tapad.com

URL

https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=