up-load.io Open in urlscan Pro
2606:4700:3031::ac43:8a52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://up-load.io/ivahv4i9bnny
Effective URL:
https://up-load.io/download.html12
Submission Tags: falconsandbox
Submission: On May 01 via api (May 1st 2021, 5:13:02 am UTC) from US

Summary HTTP 112 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 112 HTTP transactions. The main IP is 2606:4700:3031::ac43:8a52, located in United States and belongs to CLOUDFLARENET, US. The main domain is up-load.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2020. Valid for: a year.

This is the only time up-load.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:303... 2606:4700:3031::ac43:8a52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
9	139.45.196.143 139.45.196.143	9002 (RETN-AS) (RETN-AS)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	37.48.65.182 37.48.65.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
24	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80d::2003	15169 (GOOGLE) (GOOGLE)
112	19

21 2606:4700:3031::ac43:8a52 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

up-load.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.196.143 (United Kingdom)

ASN9002 (RETN-AS, GB)

coaphauk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.65.182 (Vinkeveen, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

extreme-ip-lookup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.betgorebysson.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80d::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	381 KB
21	up-load.io 1 redirects up-load.io	160 KB
15	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	119 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	199 KB
9	coaphauk.net coaphauk.net	47 KB
5	googletagservices.com www.googletagservices.com	168 KB
3	google.com 2 redirects adservice.google.com www.google.com	667 B
3	google-analytics.com www.google-analytics.com	19 KB
3	googleapis.com fonts.googleapis.com	2 KB
1	betgorebysson.club cdn.betgorebysson.club	989 B
1	extreme-ip-lookup.com extreme-ip-lookup.com	631 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	639 B
1	fontawesome.com use.fontawesome.com	455 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
112	15

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	up-load.io	1 redirects up-load.io
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	up-load.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	coaphauk.net	up-load.io coaphauk.net
8	fonts.gstatic.com	up-load.io fonts.googleapis.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com up-load.io
3	fonts.googleapis.com	up-load.io googleads.g.doubleclick.net
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	2 redirects
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	cdn.betgorebysson.club	coaphauk.net
1	extreme-ip-lookup.com	up-load.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	use.fontawesome.com	up-load.io
1	www.googletagmanager.com	up-load.io
112	20

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-07` - `2021-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
coaphauk.net R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
t1.extreme-dm.com R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh
betgorebysson.club R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://up-load.io/download.html12
Frame ID: 8AF84EA66F54C5EBF77F820CC41ABC48
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: B6CCF66D51DB1E8D475F33B67187E5CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&adk=1812271804&adf=3025194257&lmt=1619845959&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959528&bpp=14&bdt=171&idt=102&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8215906732395&frm=20&pv=2&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124
Frame ID: B1EFC5550A28F63DBCDC6979D9AA1EB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=347471439&adf=3020350034&pi=t.ma~as.5887324455&w=1170&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959542&bpp=9&bdt=186&idt=117&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QWSNtM2mGa&p=https%3A//up-load.io&dtd=136
Frame ID: 918256302DE287C589F808567F6AA122
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141
Frame ID: 040549CA21D1CAE5373A299119A9C30A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155
Frame ID: 66AF400E7BDF24D58D2BA287D0BDE420
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165
Frame ID: B519F2FC52C7C517422F5648BC48F998
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6B3170F0C95836F798D78F878DBF3D71
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Frame ID: 301CB3D552037394BB2023CBD2F35C3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Frame ID: 5B10CEB02345AA754D8B3FAE51A8A644
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DEFDFE2402BB9033CCF8A652756F2A66
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Frame ID: BA25F2A9151DC311AA4F1A5B2FBB0244
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Frame ID: 96EFC24BADC164C5BDC3B89EC9A3CFA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FE92B7A66FB534AABA0B8DE9509BE99A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://up-load.io/ivahv4i9bnny HTTP 302
https://up-load.io/download.html12 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

112
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

20
Subdomains

19
IPs

5
Countries

1589 kB
Transfer

3888 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://up-load.io/ivahv4i9bnny HTTP 302
https://up-load.io/download.html12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

112 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3-29

200

Primary Request download.html12 Show response
up-load.io/
Redirect Chain

https://up-load.io/ivahv4i9bnny
https://up-load.io/download.html12

80 KB
23 KB

201ms
190ms

Document
text/html

2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66eb3c1537c64ab67613e37489611a5e0cfad383dcb63385b724b838943d8112

Request headers

:method: GET
:authority: up-load.io
:scheme: https
:path: /download.html12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 30 Apr 2021 05:12:39 GMT
set-cookie: aff=34101; domain=.up-load.io; path=/; expires=Sat, 15-May-2021 05:12:39 GMT
cf-cache-status: DYNAMIC
cf-request-id: 09c7f0e5fd00002bf22f1b2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AllPUne1tIisRKBbZH1PNhPLSjLSs3Yu85LTOQp1In7MMjvHPZoi9q0EH4FST0wQAqmi4MhZBXp5%2BhRnGf%2Fo0CZKJ2OkrJjhloZIvTIw21Tzj8vN7D0K"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6486841cccac2bf2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 01 May 2021 05:12:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; expires=Mon, 31-May-21 05:12:38 GMT; path=/; domain=.up-load.io; HttpOnly; SameSite=Lax lang=english; domain=.up-load.io; path=/ file_code=ivahv4i9bnny; domain=.up-load.io; path=/; expires=Sat, 01-May-2021 06:12:39 GMT
location: https://up-load.io/download.html12
cf-cache-status: DYNAMIC
cf-request-id: 09c7f0e54800004e14c6bd8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i6D8mffzQg014b5Ngu%2FTAN%2BQ1S7c%2BEBSoc%2FedgRUiN9EFngDTBMAPyxkml%2Fi9z93K9rTT6pFZ1O5vIo32KUsCo6o%2Bu6e9Jzq%2B71timqUohOOJ0DxPpc6"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6486841bad8a4e14-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138250031-1

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

373af099c37e3f777dbc021dab543f9d2100955ad929871a60a49d292f825d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35850
x-xss-protection: 0
last-modified: Sat, 01 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 May 2021 05:12:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 05:12:39 GMT

GET
H3-29 200 jquery-1.9.1.min.js Show response
up-load.io/ds1/js/ 90 KB
31 KB 22ms
21ms Script
application/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/jquery-1.9.1.min.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

:path: /ds1/js/jquery-1.9.1.min.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1099022
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c100002bf24935e000000001
last-modified: Sat, 09 Feb 2019 02:09:01 GMT
server: cloudflare
etag: W/"5c5e363d-169d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fGPH4TKqFTcSzOhsbpgZEU92DDukfSjfozQasyEdD7JSkLUlQskwV6BNVMTCYTK2enqYxQ0FxtqKhUXc7GyNavBeVArgml7qjxFe8venfE5RoV%2Fb3gK1"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6486841e0e5e2bf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 bootstrap.min.css
up-load.io/ds1/css/ 118 KB
18 KB 17ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/css/bootstrap.min.css?v=12
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58d05cacbd0f4ed57e98252a000f3e4b5648cabd396aebdad1ac4d60048ce4d3

Request headers

:path: /ds1/css/bootstrap.min.css?v=12
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1378
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c200002bf216202000000001
last-modified: Fri, 15 Feb 2019 13:57:34 GMT
server: cloudflare
etag: W/"80005-1d970-581ef282a267b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7x1OekYeeBqPCZQqA%2FI2X7A4SNMhuuEKqjoKowRZSi6OLkg19FtBKQq6NMTGHh7xdB18JJpL7V1BAMcRj5dIREvwdUvlAuuUJ4XbAFMC45BBBFsUDDl%2B"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6486841e0e612bf2-FRA

GET
H3-29 200 ie10-viewport-bug-workaround.css
up-load.io/ds1/css/ 433 B
784 B 15ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/css/ie10-viewport-bug-workaround.css
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17ec74c69eb8c08a5c82d7126fa307525806b2b9f06cda918c5f750428c40d40

Request headers

:path: /ds1/css/ie10-viewport-bug-workaround.css
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1378
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c300002bf29039f000000001
last-modified: Sat, 09 Feb 2019 02:08:54 GMT
server: cloudflare
etag: W/"80009-1b1-5816c8ebe031b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a4k3kfAS3Xh%2FWbJ4CYKRtAk6NF0dcaqwN%2FpIkWmqu7baYK0fLmQoUBeZnDEYCx13zY6VxqQEfLI57urM1t3pjB8mxKKTXWASHKEDeuqOhBC%2FBxR1GTRG"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6486841e0e622bf2-FRA

GET
H3-29 200 theme.css
up-load.io/ds1/css/ 47 KB
9 KB 21ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/css/theme.css
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8655093f5bdfeac39902407102aceb756fe68adbdb159c92664b9ad9b7d90fd

Request headers

:path: /ds1/css/theme.css
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1378
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c300002bf23d80e000000001
last-modified: Sun, 31 May 2020 16:04:05 GMT
server: cloudflare
etag: W/"8000c-bbbe-5a6f3d3dd790c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B3atuENzFOLEami9eQ%2FT4v7P%2FEGndLpbjTr5Vuq5J39q8eL58hqYgBYT1yBMbVBRMzjaa9fZpRCcNaZBTD4H0lYAs%2BmV852FMlwsTfSNdZ4HLgK69S22"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6486841e0e642bf2-FRA

GET
H3-29 200 ug.css
up-load.io/ds1/css/ 27 KB
4 KB 26ms
24ms Stylesheet
text/css 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/css/ug.css
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240137a07f7906bc0a120b538caaa26f888a08e4ede9007082356afbfa6209e3

Request headers

:path: /ds1/css/ug.css
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1378
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c700002bf23d80f000000001
last-modified: Sat, 18 May 2019 16:13:27 GMT
server: cloudflare
etag: W/"80415-6a79-5892bc780e5db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k4F3qF4iKWJ2clLeB6pPbL30jkbJgkC74xTKHqmeUDNPDvkWsqzly0sADTjbEGKuY8IKjLc08PsKM%2FKkqYTqlFoaHy%2Fq9%2F7qHoDbt3IwIDBDTTebvUzu"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6486841e0e652bf2-FRA

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.6.3/js/ 1 MB
455 KB 198ms
85ms Script
application/javascript 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/js/all.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e

Request headers

Origin: https://up-load.io
Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:16 GMT
server: NetDNA-cache/2.2
etag: W/"7b6ab1d5b8de4d3b0e2d8084ad292818"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H3-29 200 hsn_style.min.css
up-load.io/ds1/css/ 18 KB
4 KB 15ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/css/hsn_style.min.css
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac701443fe8d0e7b7e253b6b3c8684c47cc8811e86dbb39eb1b670e046e5c6ab

Request headers

:path: /ds1/css/hsn_style.min.css
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1378
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c300002bf279a49000000001
last-modified: Thu, 17 Dec 2020 20:51:04 GMT
server: cloudflare
etag: W/"80008-4974-5b6af2676208d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0sXFeQ0YW5h5KcXDPxOVs9GwUPwGlaS4FWP3TsDeM3NSOGx3lSkaVGyukziGExFZQpC5KrC1lw%2BcdfItOI4zgcns6BNkSQ5p7sa2gYdF5YvhVUZRA%2FRF"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6486841e0e672bf2-FRA

GET
H3-29 200 jquery.paging.js Show response
up-load.io/ds1/js/ 19 KB
4 KB 26ms
24ms Script
text/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/jquery.paging.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

Request headers

:path: /ds1/js/jquery.paging.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6795
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c300002bf236044000000001
last-modified: Sat, 09 Feb 2019 02:09:07 GMT
server: cloudflare
etag: W/"80020-4ba5-5816c8f8594f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OxB3qR5wMFC9HdpGLwLhHX9vozVSv3SHjAosCaxUxhpEYkC9xwt1meM7bnq%2F%2F%2FphuxtpVPtGa%2FFiggpiOER4WPFihxpY9GO0GlCmwHask8D%2FJPtfdDux"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6486841e0e682bf2-FRA

GET
H3-29 200 jquery.cookie.js Show response
up-load.io/ds1/js/ 2 KB
1 KB 13ms
11ms Script
text/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/jquery.cookie.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a

Request headers

:path: /ds1/js/jquery.cookie.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6795
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c300002bf2703ff000000001
last-modified: Tue, 03 Nov 2020 16:52:57 GMT
server: cloudflare
etag: W/"8001d-709-5b336b1dba100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u38Wo%2Fu%2B8C%2FPTcsz5OvLZXZ6EELEEWbcfwGLkHJMuHQ3jPRZntOJMIAwvBzPChh2lzE5xZHCKjLwvbi9%2F9Vwug3%2F%2B6WQ%2F9kX0Qeqvh6EGNraB6BUIxXV"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6486841e0e692bf2-FRA

GET
H3-29 200 paging.js Show response
up-load.io/ds1/js/ 2 KB
1 KB 26ms
24ms Script
text/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/paging.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3c741cc2a0975148b5daf3086fdcf62f5b59debe152ca1b73145c55dd011a7

Request headers

:path: /ds1/js/paging.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6795
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e6c400002bf218a67000000001
last-modified: Sat, 09 Feb 2019 02:09:09 GMT
server: cloudflare
etag: W/"80026-72c-5816c8f9ca34b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x%2BCrAoXBJ3jo5q97QSCV35f9yYxFvE75hGUGcmgkUD5zAdCl4bef%2F5d%2BzF0zwuUf7cZE54aZJQdbWNjyLGrtkcyJit5p2sdF9cabZEP6Cj1vLxwH4Had"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6486841e0e6a2bf2-FRA

GET
H2 200 css
fonts.googleapis.com/ 13 KB
926 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

102d69b8233684dd9b9bc94145fc332453aaa8f4fcf6221b1824ecdd042a693b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 04:19:25 GMT
server: ESF
date: Sat, 01 May 2021 05:12:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 05:12:39 GMT

GET
H/1.1 200
OK ntfc.php Show response
coaphauk.net/ 14 KB
6 KB 180ms
57ms Script
application/javascript 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coaphauk.net/ntfc.php?p=3785589
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 05:12:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-380b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-29 200 logo.png
up-load.io/ds1/img/ 4 KB
4 KB 14ms
13ms Image
image/png 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://up-load.io/ds1/img/logo.png
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c1f2bef7733aa8715bef84ecc9c61bf2f864d4b0b754fc5ee7c671db639b38

Request headers

:path: /ds1/img/logo.png
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 928348
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3936
cf-request-id: 09c7f0e72200002bf2a786b000000001
last-modified: Thu, 28 Mar 2019 13:28:34 GMT
server: cloudflare
etag: "5c9ccc02-f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L2AVCMOuturK6dGdqvQTlahAssSJHLajHnCttf9rv7neHLc09g23NgqL%2BB1VJFR57xxmivVq1MvuBv43fMq1PtoF2HEqx8qKdMlkKQYsVJbMa9tr22%2FZ"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6486841e9f242bf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 email-decode.min.js Show response
up-load.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://up-load.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 09c7f0e6f100002bf279a4b000000001
last-modified: Fri, 30 Apr 2021 09:06:15 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"608bc887-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FMQdJLV11ykkxe7dbDdXD6%2B7Umkl1WcczYi5eDha0nvMQ85ZhXvd84yGgYWRe%2BYQvreycqoJWTMGhBm1I4LnjGhB%2F1MkbIlX%2FEUkheAzEp1D2UXSxPTO"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 6486841e4ec02bf2-FRA
expires: Mon, 03 May 2021 05:12:39 GMT

GET
H3-29 200 bootstrap.min.js Show response
up-load.io/ds1/js/ 36 KB
10 KB 14ms
13ms Script
text/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/bootstrap.min.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path: /ds1/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 380
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e72100002bf2afa7d000000001
last-modified: Sat, 09 Feb 2019 02:08:59 GMT
server: cloudflare
etag: W/"80015-90b5-5816c8f03ce4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EBV10A8U1Au9Q3qYoQfY%2FEkXTRXmIddRjZ2tclecabzQCceuOT%2FHl9Iyx%2FwjC2EyGWzy0mjaGDWTZjcbfosKmVq6MI2LS%2FpfdxmJ0wOXQslmzMTZqDQ3"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6486841e9f202bf2-FRA

GET
H3-29 200 clipboard.min.js Show response
up-load.io/ds1/js/ 10 KB
4 KB 18ms
17ms Script
application/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/clipboard.min.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2

Request headers

:path: /ds1/js/clipboard.min.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 806923
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e72500002bf23d817000000001
last-modified: Sat, 09 Feb 2019 02:08:59 GMT
server: cloudflare
etag: W/"5c5e363b-29a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pqwLY%2BEAgxQQvcySITFR0nilmrlvRAR1lLYTao3Xjd49mToHBhA2VhAFofH0GIimPwsLHabTJw05wXpNPleXci6bS5tcn7ZUBxGhysBY%2BBB5ZL5Jwv8z"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6486841e9f212bf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 feather.min.js Show response
up-load.io/ds1/js/ 64 KB
16 KB 17ms
15ms Script
application/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/feather.min.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0

Request headers

:path: /ds1/js/feather.min.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 928348
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e72100002bf236049000000001
last-modified: Sat, 09 Feb 2019 02:09:01 GMT
server: cloudflare
etag: W/"5c5e363d-ff31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=24M9P3ntZLjIvAgtgB%2BOSIAsMJFMJsrWQ71RJulUbvm3QH04QhftnWZzSRaG7RfHC2eZfIgZrEcTkNZdmnWBZbS4a21KHingoED6suylhHcZqDwMITFL"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6486841e9f222bf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 main.js Show response
up-load.io/ds1/js/ 820 B
854 B 17ms
16ms Script
text/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/ds1/js/main.js?v=3
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973

Request headers

:path: /ds1/js/main.js?v=3
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 380
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e72100002bf274a0b000000001
last-modified: Sat, 09 Feb 2019 02:09:08 GMT
server: cloudflare
etag: W/"80022-334-5816c8f8ab95b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0P4xwBPuFP5Kqy24K%2BpDniWcIdizwcUFc9XYl%2FwwVpeewTJdnClHSFLCqCoE%2BRAaQfdlaGPF37tx7Fc8m76Hw%2Faf7NELtor4Jt%2BRNyamTyT9z2azYW9e"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6486841e9f232bf2-FRA

GET
H3-29 200 flags.png
up-load.io/ds1/img/ 15 KB
15 KB 12ms
11ms Image
image/png 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://up-load.io/ds1/img/flags.png
Requested by: Host: up-load.io
URL: https://up-load.io/ds1/css/hsn_style.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9

Request headers

:path: /ds1/img/flags.png
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: up-load.io
referer: https://up-load.io/ds1/css/hsn_style.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/ds1/css/hsn_style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15180
cf-request-id: 09c7f0e72200002bf268840000000001
last-modified: Sat, 09 Feb 2019 02:12:40 GMT
server: cloudflare
etag: "8000e-3b4c-5816c9c2d82d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RKz%2BsDqUAaObPWzYHA7hJ5Sk9RRMyoS0umEMac5uzAAHVNGn0pWUFJcDgifmS53EFWrKz2APlyn4suem3O2QnkIwPm%2BU6vPPFAiuZPBn1Peml0dq5evS"}],"max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6486841e9f252bf2-FRA

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ 44 KB
23 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf

Requested by

Host: up-load.io
URL: https://up-load.io/ds1/css/hsn_style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72aed54637c02a7a9f04fdd621299791428a886a5b66d5a7b7af7c0731202903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://up-load.io
Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183841
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23652
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:45 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 02:08:38 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ 44 KB
23 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf

Requested by

Host: up-load.io
URL: https://up-load.io/ds1/css/hsn_style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b128faf2db3afc5cda64e3a00f54dd96e2ebf5b7155c77086cbaec430d08bf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://up-load.io
Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 06:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23587
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:12 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 06:11:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138250031-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5524
date: Sat, 01 May 2021 03:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 01 May 2021 05:40:35 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v12/ 45 KB
23 KB 15ms
14ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: up-load.io
URL: https://up-load.io/ds1/css/hsn_style.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7efbd86cc7b38ff4073967d7ec290934fc421eb2ed25ed3ec1592d79826e610c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://up-load.io
Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57336
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23885
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:06 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 13:17:03 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v12/ 44 KB
23 KB 19ms
18ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf

Requested by

Host: up-load.io
URL: https://up-load.io/ds1/css/hsn_style.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66dc995d8af6f17d9e3931e5de51ef935684a6cbf609a2284d723292676802c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://up-load.io
Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 21:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288618
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23546
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 21:02:21 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8284139241797023&plah=up-load.io&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 05:12:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame B6CC 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 01 May 2021 01:17:06 GMT
expires: Sat, 15 May 2021 01:17:06 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 14133
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=916636070&t=pageview&_s=1&dl=https%3A%2F%2Fup-load.io%2Fdownload.html12&ul=en-us&de=UTF-8&dt=Download%20GANDALF%20rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=92957169&gjid=1261623280&cid=720186387.1619845960&tid=UA-138250031-1&_gid=1333354084.1619845960&_r=1&gtm=2ou4l3&z=1893791108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://up-load.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=916636070&t=pageview&_s=2&dl=https%3A%2F%2Fup-load.io%2Fdownload.html12&ul=en-us&de=UTF-8&dt=Download%20GANDALF%20rar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=720186387.1619845960&tid=UA-138250031-1&_gid=1333354084.1619845960&gtm=2ou4l3&z=626732873

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 10:14:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
639 B 203ms
69ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=up-load.io&callback=_gfp_s_&client=ca-pub-8284139241797023

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8284139241797023&plah=up-load.io&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

121b3e92013b5adc53acd30db871a40646413f159f2fec6e74bac2abb9f78a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 51ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=up-load.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 45ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=up-load.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&tn=DIV&id=gdpr-cookie-notice&ign=false

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&tn=NAV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1EF 10 KB
874 B 70ms
50ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&adk=1812271804&adf=3025194257&lmt=1619845959&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959528&bpp=14&bdt=171&idt=102&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8215906732395&frm=20&pv=2&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

577f932099c76665bd8ab79c16da5b83517c1568f3cf94e2db72179d1cf62203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8284139241797023&output=html&adk=1812271804&adf=3025194257&lmt=1619845959&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959528&bpp=14&bdt=171&idt=102&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8215906732395&frm=20&pv=2&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 05:12:39 GMT
server: cafe
content-length: 851
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 05:27:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:39 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9182 67 KB
21 KB 623ms
622ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=347471439&adf=3020350034&pi=t.ma~as.5887324455&w=1170&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959542&bpp=9&bdt=186&idt=117&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QWSNtM2mGa&p=https%3A//up-load.io&dtd=136

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68c9eb68a466772c3aee13df75cf2e86133fdee8c5f0afa6e230ff71da161ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=347471439&adf=3020350034&pi=t.ma~as.5887324455&w=1170&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959542&bpp=9&bdt=186&idt=117&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QWSNtM2mGa&p=https%3A//up-load.io&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 05:12:40 GMT
server: cafe
content-length: 21876
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 05:27:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:40 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0405 59 KB
22 KB 752ms
751ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80b19e42024a344e421539d6556fbcc79ad4ff49e13a0b8c0e77221858ffe6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 05:12:40 GMT
server: cafe
content-length: 22458
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 05:27:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:40 GMT
cache-control: private

GET
H/1.1 200
OK zone Show response
coaphauk.net/ 778 B
1 KB 58ms
57ms Fetch
application/json 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://coaphauk.net/zone?pub=0&zone_id=3785589&is_mobile=false&domain=up-load.io&var=&ymid=&var_3=

Requested by

Host: coaphauk.net
URL: https://coaphauk.net/ntfc.php?p=3785589

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

31cc0f5d2bee8530885b863470bcc886b92c1ed3ccd73efff3f89abbaf604831

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 53eebdc2999bad75d3c7764a9915f79c
Date: Sat, 01 May 2021 05:12:39 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 778

GET
H/1.1 200
OK universal.min.js Show response
coaphauk.net/pfe/current/ 107 KB
38 KB 204ms
90ms Fetch
application/javascript 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coaphauk.net/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: coaphauk.net
URL: https://coaphauk.net/ntfc.php?p=3785589
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 05:12:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://up-load.io
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 66AF 73 KB
23 KB 720ms
719ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dad21062683990ee2cd6566b5572d157998cb7b25886b148b9ae24936137165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 05:12:40 GMT
server: cafe
content-length: 23812
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 05:27:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:40 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B519 78 KB
25 KB 468ms
468ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c84c4debc2b70a26e36e4f5cb4df4f7f5a96acbc134dd233138db5622137796d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 01 May 2021 05:12:40 GMT
server: cafe
content-length: 25716
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 01-May-2021 05:27:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:40 GMT
cache-control: private

GET
H2 200 / Show response
extreme-ip-lookup.com/json/ 483 B
631 B 167ms
56ms XHR
application/json 37.48.65.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme-ip-lookup.com/json/
Requested by: Host: up-load.io
URL: https://up-load.io/ds1/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.48.65.182 Vinkeveen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 481fe954d2ea02603e1212b2deb28dba52ffe8dcf68d6532259bd11cdaf0d537

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 01 May 2021 05:05:24 GMT
cache-control: max-age=3600
server: nginx
access-control-allow-headers: *
content-length: 483
content-type: application/json; charset=utf-8;

GET
H2 200 apu.php Show response
cdn.betgorebysson.club/ 382 B
989 B 175ms
59ms Script
application/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.betgorebysson.club/apu.php?zoneid=3968974

Requested by

Host: coaphauk.net
URL: https://coaphauk.net/ntfc.php?p=3785589

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

11f418cd0f44829c1077c3227cd3782c47fab8021b8e2c664e6d64b3979a5acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 7703d7a93791d089c1255e0cb6f073e0
pragma: no-cache
date: Sat, 01 May 2021 05:12:39 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H/1.1 200
OK custom Show response
coaphauk.net/ 39 B
485 B 58ms
58ms Fetch
application/json 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://coaphauk.net/custom

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d7520cb7046c2ae7baa87762599c3f9a
Date: Sat, 01 May 2021 05:12:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H3-29 200 sw.js Show response
up-load.io/ 3 KB
2 KB 15ms
15ms Fetch
text/javascript 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://up-load.io/sw.js
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82394b7e224d8a00b5affd25f30aaffc5f70c6878853e7aae3f7104d7b11fc0a

Request headers

:path: /sw.js
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101; _ga=GA1.2.720186387.1619845960; _gid=GA1.2.1333354084.1619845960; _gat_gtag_UA_138250031_1=1; __gads=ID=3efea822ebbcd0fb-220697ccbca7004f:T=1619845959:RT=1619845959:S=ALNI_MYQQq4b36oYGTcSvXbqauC4w7Q6og
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3575
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7f0e91d00002bf245b94000000001
last-modified: Tue, 15 Dec 2020 11:16:01 GMT
server: cloudflare
etag: W/"80482-aaf-5b67ee23878ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Tuyl1MudZKedxoY8NeItmzJ2Om5H8vvdCp4xYuG3L2tj2FE%2BIrHj2vyfqLFU4sdcuFq%2BrnITfK6cDNjswdnrnJ5NEo9efK08fj8kxfJnWH3RlFFXQ5c"}],"max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 64868421cb2d2bf2-FRA

OPTIONS
H/1.1 200
OK custom
coaphauk.net/ Frame 0
0 56ms
56ms Preflight
text/plain 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coaphauk.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://up-load.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 01 May 2021 05:12:39 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
coaphauk.net/ 39 B
485 B 60ms
58ms Fetch
application/json 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://coaphauk.net/custom

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e23cb6b53a97b75ac84f7333de17c5f9
Date: Sat, 01 May 2021 05:12:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
coaphauk.net/ Frame 0
0 95ms
56ms Preflight
text/plain 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coaphauk.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://up-load.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 01 May 2021 05:12:40 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 12996008169791129941
tpc.googlesyndication.com/simgad/ Frame B519 65 KB
65 KB 33ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12996008169791129941?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlq4b-iMa3Sd25L_jy0klBKNCPg3w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0755732306703b493273ce957db779772182ffe2cfacd64f4685fcad72f7e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:51:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Dec 2018 18:19:57 GMT
server: sffe
age: 134497
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66323
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:51:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame B519 17 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:03:32 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B519 2 KB
1 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 04:57:16 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B519 67 B
196 B 27ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 13237
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 02 May 2021 01:32:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B519 116 KB
35 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B519 13 KB
6 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:01:29 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B519 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKmJ7R-OMYIjpLJv4-ga997z4D8Pdj4xhouTXxeII2tkeEAEgypKlJWCViriCyAegAdSQwMkDyAECqAMByAPJBKoEwwFP0BZphjLf914hCN1VMvOEcmGZ99EVsfTOVfd9gVT45oV4GmHDEL2fVHwK8ILjG-KGP7uykPtASDevzR_0InwZq7tHScRijYnzDkW94EZfHKDmihSr5oykLQfl75fvN2hPd8hX-0B9VQMKvZRC38G2kju97kiC7q1xS00TwpzqwpCaFb3cWfgnfzdZvpJzUTi6CEiqDFKBDjxdhw1sPLhkvaXrK3btQR_JV4R3DV2-rCTrJhv5WmZunVdVSn3pyvQIFbDABKv-9uf1AZIFBAgEGAGSBQQIBRgEoAYCgAeU7782qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEP6vCdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi04Mjg0MTM5MjQxNzk3MDIz&sigh=gMiFF5H6-gQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 05:12:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B519 25 KB
10 KB 24ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10468
x-xss-protection: 0
server: cafe
etag: 16391357189745862645
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 10:24:31 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B31 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFaWOT5ViDW5nUfCyQ1hXYoQmLX8DWf3UMPCf53GGdkVn3EXDZSx92-fmdykA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2588602223&adf=2915893547&pi=t.ma~as.2274887932&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=196&idt=161&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280%2C1110x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qaJgw3Or7z&p=https%3A//up-load.io&dtd=165

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 04:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2601
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B31
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFaWOT5ViDW5nUfCyQ1hXYoQmLX8DWf3UMPCf53GGdkVn3EXDZSx92-fmdykA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 05:12:40 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 01-May-2021 06:12:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 05:12:40 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B519 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d578608a448c3838819354692fb0e0a540f8ac4bfc53b81cb868530c34b3637f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9182 3 KB
578 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=347471439&adf=3020350034&pi=t.ma~as.5887324455&w=1170&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959542&bpp=9&bdt=186&idt=117&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QWSNtM2mGa&p=https%3A//up-load.io&dtd=136

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 04:09:38 GMT
server: ESF
date: Sat, 01 May 2021 05:12:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/spam_signals/ Frame 9182 6 KB
3 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 22:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 22:31:06 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9182 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 04:51:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 9182 17 KB
7 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:03:32 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 301C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sun, 01 May 2022 04:57:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9182 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:06:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9182 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9182 13 KB
5 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:01:29 GMT

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 9182 25 KB
11 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 18:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 39725
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Thu, 29 Jul 2021 18:10:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9182 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE0MFR-OMYN-_KoflgQfP6rXACP7_ycBisqnRzdsN2tkeEAEgypKlJWCViriCyAegAfPX7YsDyAEJqQIOTIPShyq0PqgDAcgDywSqBL0BT9CI3Na6D_yFgi1CNS9awfi1xDPdeLL2Ia2nc51D0S442Kne-Le-hPdP0YJ5yDE7xDutWE0mWLtZcUo_lZaFELErIye2sP1SOTGZLX97XBoy7h6STaFr_sOCgiWyONBTtmRJQiltIDkL5gIdvl8XHG8c8Xb9EZPie1Ktcabjom-IQ5duqhWGS4Xck6my8S1_f-zJKUoEZCn_9v76cwozk4fgkJt3KesGTb-5aBFkxMzZRuwBgxJ0gJt-1Sm7wASij579vwOSBQQIBBgBkgUECAUYBKAGLoAH0bPef6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCjxCXSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQBshcaChgIABIUcHViLTgyODQxMzkyNDE3OTcwMjM&sigh=CSfr6isHZNY&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=347471439&adf=3020350034&pi=t.ma~as.5887324455&w=1170&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959542&bpp=9&bdt=186&idt=117&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QWSNtM2mGa&p=https%3A//up-load.io&dtd=136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 05:12:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5747407698995660247/ Frame 9182 24 KB
24 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5747407698995660247/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fce394626cf67b3bd17542a3cb17bc7b3430ea6679612005a2a61213b2488fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:38:28 GMT
x-content-type-options: nosniff
age: 362052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24366
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 11:24:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:38:28 GMT

GET
DATA 200
OK truncated
/ Frame 9182 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9182 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fd84ab151f5015e7c2f6c8f8aff85e8409b55c5282e4cd95de7e942c0428556

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 66AF 3 KB
578 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 04:07:32 GMT
server: ESF
date: Sat, 01 May 2021 05:12:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9182 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 186038
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9182 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 186069
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:31:31 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 66AF 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 04:51:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 66AF 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:03:32 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 66AF 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:06:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66AF 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 66AF 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:01:29 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 66AF 25 KB
10 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 18:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 39725
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Thu, 29 Jul 2021 18:10:35 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5747407698995660247/ Frame 66AF 24 KB
24 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5747407698995660247/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fce394626cf67b3bd17542a3cb17bc7b3430ea6679612005a2a61213b2488fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:38:28 GMT
x-content-type-options: nosniff
age: 362052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24366
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 11:24:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:38:28 GMT

GET
DATA 200
OK truncated
/ Frame 66AF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B10 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sun, 01 May 2022 04:57:45 GMT

GET
H3-29 200 9217700862403725573
tpc.googlesyndication.com/simgad/ Frame 0405 12 KB
12 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9217700862403725573?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql1GB42_igi0JpwcgxMWxkMbWFSQw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64a09d35829fc5f94e946ea2ddb2a1bb956ec602024eba5f0f1ec710505ad4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:04:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:14:01 GMT
server: sffe
age: 184069
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12032
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:04:51 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 0405 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:03:32 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0405 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:06:19 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0405 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0405 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 05:01:29 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0405 25 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10468
x-xss-protection: 0
server: cafe
etag: 16391357189745862645
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 10:24:31 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0405 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyketR-OMYOvNK42I-gaZn6yQBpfAr8diq8T7_a4N9Y38wgMQASDKkqUlYJWKuILIB6ABl8qNmgLIAQKpAg5Mg9KHKrQ-qAMByAPJhIACqgS9AU_Q3JbceVDVtXpMBhndX176UVwPT1U36EjHnJUfyh64gExl4zRsxO2o0uuJ6WdabuC1Esq4OfLwNV1y6hDD2ufwnteKNH5VRriMemQevAYZZ0PTkd254sjkoysmjLBK5sZb-uTsyIGQWzEMKQiHaFgdJvhN078h-YYMsMzYgpSGD0XeHR8Ir5un8bBiOHuYUuaE0W--veVDjfXVzI79-iLrTgWWTtutsGSy6ovHhHlLTQXSdf_lF4bl2y-FJ8AEk6K22qYDkgUECAQYAZIFBAgFGASgBgKAB9G18uUBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMTZEdIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi04Mjg0MTM5MjQxNzk3MDIz&sigh=KI9jAIMlhKw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 05:12:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 66AF 0
0 18ms
16ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_jvER-OMYN23LMmcgQe79Z6AAv7_ycBisqnRzdsN2tkeEAEgypKlJWCViriCyAegAfPX7YsDyAEJqQIOTIPShyq0PqgDAcgDywSqBL0BT9AyTXVjaNvOp2d5AxKls9FJhJeLvvXUpRupV6lPqWtHejl2aQ5v_S3CYtBNbxlrcKwhh4AFGuhGvJ-L8RlpFP0FCHFjbeEvqWR1ydsvzUNUeT5nL5eJYz8ZwnGBvdN5vJbkfU4EgWMnWdzedP_D4yU3MLe16efYe34BDkSNPdpkf73QoA-JBj3NSwS0e3ipMTmmuAOY19fn4Ph0NqcyETeT6Avzufah4yK4lN8VapccyD0WRvpNOTDGORiMwASij579vwOSBQQIBBgBkgUECAUYBKAGLoAH0bPef6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDAjAfSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQBshcaChgIABIUcHViLTgyODQxMzkyNDE3OTcwMjM&sigh=Uyr5F0w4jFs&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 01 May 2021 05:12:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEFD 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFaWOT5ViDW5nUfCyQ1hXYoQmLX8DWf3UMPCf53GGdkVn3EXDZSx92-fmdykA; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 04:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2601
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 66AF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cea77c12410fb5da04759021a3722191759f99e51a621bfe9373e5497beeca5d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0405 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d253be9a2a869993c18e3ac35e324897a7add8df64df353e56dafcfe2f85f941

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 66AF 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 186038
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 66AF 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 186069
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:31:31 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame BA25 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=5887324455&adk=3116513679&adf=3363846133&pi=t.ma~as.5887324455&w=1110&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959552&bpp=1&bdt=195&idt=150&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C350x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=870&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=jWblmhxEV2&p=https%3A//up-load.io&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sun, 01 May 2022 04:57:45 GMT

OPTIONS
H/1.1 200
OK custom
coaphauk.net/ Frame 0
0 55ms
55ms Preflight
text/plain 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coaphauk.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://up-load.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 01 May 2021 05:12:40 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04c6385c1d95afe498317fd240b6f2a653166d1c07ceb0ed61ccf033c2d64046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7732
x-xss-protection: 0

POST
H/1.1 200
OK custom Show response
coaphauk.net/ 39 B
485 B 57ms
57ms Fetch
application/json 139.45.196.143
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://coaphauk.net/custom

Requested by

Host: up-load.io
URL: https://up-load.io/download.html12

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.143 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 59924f8147ef48f2a99974abd103da12
Date: Sat, 01 May 2021 05:12:40 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://up-load.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEFD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFaWOT5ViDW5nUfCyQ1hXYoQmLX8DWf3UMPCf53GGdkVn3EXDZSx92-fmdykA; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 05:12:40 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 01-May-2021 06:12:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 05:12:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 01 May 2021 05:12:40 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 0405 54 KB
21 KB 190ms
60ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a46a07c3d4d62ab8017abd9b7f57d0eb11209d23e0230720f8220a9175da4d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 788
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20853
x-xss-protection: 0
server: cafe
etag: 17473441666752178516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 01 May 2021 05:59:32 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 96EF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284139241797023&output=html&h=280&slotname=2274887932&adk=2939141396&adf=2448662898&pi=t.ma~as.2274887932&w=350&fwrn=4&fwrnh=100&lmt=1619845959&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fup-load.io%2Fdownload.html12&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619845959551&bpp=1&bdt=194&idt=134&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=8215906732395&frm=20&pv=1&ga_vid=720186387.1619845960&ga_sid=1619845960&ga_hid=916636070&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=410&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=434941649229486&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=RTPUFSQFuK&p=https%3A//up-load.io&dtd=141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sun, 01 May 2022 04:57:45 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 01 May 2021 05:12:40 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FE92 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://up-load.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://up-load.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 01 May 2021 04:57:44 GMT
expires: Sun, 01 May 2022 04:57:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 896
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame FE92 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 04:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sun, 01 May 2022 04:57:45 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0405 0
331 B 756ms
262ms Ping
image/gif 2404:6800:4004:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ko5agmoo&ctx=2&gqid=R-OMYICYK9e_x_AP0_uO-AY&qqid=CKuNlLjcp_ACFQ2E3godmQ8LYg&met.6=6.1_CgsY2AYgMyoECAgSAAoLGOYHIDgqBAgIEgAKCxilCCAyKgQICBIA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0405 0
54 B 919ms
425ms Ping
image/gif 2404:6800:4004:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~ko5agmou&ctx=2&gqid=R-OMYICYK9e_x_AP0_uO-AY&qqid=CKuNlLjcp_ACFQ2E3godmQ8LYg&met.4=fb.n2~lb.qb~ol.rk~bdt.-9c~bpp.-3x~idt.-8~dtd.-1~dt.-3y&met.3=739.qc~736.qg_1~555.qu~556.qu~735.qv_1~740.qy~740.rb~740.rc~738.rh~740.ux~740.wi~113.y4_3~112.y3_4~246.y8_1&met.1=1.ko5aglql~6.5~7.5~8.5~9.5~10.5~12.7~13.l2~14.l4~15.m3~16.qb~17.qb~18.qc~19.rh~20.rh~21.rk~22.nm~23.nv&met.7=CAUQCBgBKAUw-AU44AdoB3D3BXjUrwGAAbqvAYgBjNgDsAEBuAED~CBcQBhgBIL0GKL0GMMQGOAhovQZwxAZ4mF6AAYBeiAGAXrABAbgBAw~CBwQChgBIL0GKL0GMMQGOAdovQZwwwZ4jzeAAfQ2iAGiiAGwAQG4AQM~CBwQChgBIL0GKL0GMMkGOAxowgZwyAZ4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIL0GKL0GMNMGOBY~CBwQChgBIL0GKL0GMMgGOAtowgZwyAZ4_yuAAeQriAHbZbABAbgBAw~CBwQChgBIL0GKL0GMMoGOAxoxAZwyQZ4_1GAAeRRiAGWyQGwAQG4AQM~CCEQBBgBIMEGKMEGMNMGOBNowgZw0wZ4EbABAbgBAw~CCgQBRgBINUGKNUGMNwGOAdo1gZw3AZ4owGAAZEBiAGPAbABAbgBAw~CCgQChgBIOUHKOUHMMMJON4BQOUHSOcHUOcHWOYIYIUIaOYIcKIJeKOnAYAB9aIBiAGZrgOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=434941649229486&bg=!U1ClUBTNAAZLnZBaS507ACkAdvg8WlwkMoRccCiFXcFla2dIwe3Rk05CI4VwF1jK0AWTX-NeTQaCmwIAAABlUgAAAAxoAQcKAPPqpMVPY8WGWPsIAW8dk6JBo2VbVNfv9BXeXTEiziq27NoVGwFrOwNbWi1l31Z1ozLFdyJFgIO3s8h6k4CXdcOuTMESpST4I_w3sPSzx11d9DlW_Ci3-JVwLNR-1AQOxpyhm4ECFRYAUYpGZwzz50EKYqrnzMSuYrdbNRkJb1o9zJCNx3DmumWzcTHo7q7beyzrq_ze4n_hmWT1MoApGWWN2VMWRILbuQtcEb8gv2EPiFAXyvBUcLuuplVSm6jnKwyOXEtJiszbr7TkeSi0qteLGfP0Fs9FenmGiPVK2BNmsvplwycG3EBGy4B1H-ARPEUt8J-ZAklWBxO-qNtNXonBHfIuti52BDX70pUJLXDmxLERLfCODVyTc-es0_XQZEX40KZ7skmJvleGXNkPVsB_-AYE_1GxB-1_d8BB0VtjgZ29hkNbnbc3LKt7yFtWTedhm2HTVJQw1GOSSR3GXNcrAg6F-8zMKVvjvg9VpRkw5QYRjDZq2aPBV5JBJaprmjsNw7qptEiN3wGe3jRtNjG_hgxxFbqoHmQv_H0H_0VE98SLJdes_zOys4YOSbF9_LFnMYxZQD6Tzm8dAJD7RD7DnvHREB95Ffr-XmTHJImsTtKmQjg4PbmA4tKdT4urshMC3YSUdXNUS4cUwNsGhJF874srxgCkyd7YekexYO82fwk_b-mgM8aW3dSpia5eT104iyju6ALmQfO0dczRMxMUwhM1HYyUc1c016dWQ2azeQL-YP0NiwF4-Cnm0heqMXqnBh0MLctEHdgL4UH1lbW1EukcyJLDf1wK6-ZIjca0dQB8x4pxKwY4oPRNNborLYzTzA-UuhpELaj2hsYrCx6DONYlEiZ5Hu9JbWNVxNC0AV24H9ilYvGHDmXoOvS-N-038aGRT3IoVhr8g0Xd-UWinIUnw6sfH5qOM-475oLEP8s4niu6BEBLcmr1PLkZwR4FethGogskqO0QBuxvg9jQFQ9uyEzpA1TMXLqApcdcjNNo2NT1vYUnpPQ489_fyHVVDV2wCu_eBvCYa6Iogn1MqliWsKohRDd5KQWhviL2CRc8mygg0GyqQ1QVhCWpyugZXkMBjlcF9CKXQ5DPJx8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://up-load.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9182 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmrd83iekl2OxAzg3wSYo9cnunBMZU9zIVfrtWLLXEotlSTj9-4xFErQ6AysyiOIb2-NXmq3Qg_NpNxuWwSVYW5etYaQ6Fm8yAWWZQFGy_Px3NGwyBghqU9g5X_g&sai=AMfl-YRgl4N8yIZ0NDk7iUNNv2gtVlmiuKAbF7x5t3xSiFgils6sJ1LfOTNbzNNafRQmW3t2LVFCUx6nsx0B&sig=Cg0ArKJSzAj_JVvWs3PwEAE&id=lidar2&mcvt=1004&p=90,215,370,1385&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=347471439&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619845959682&dlt=635&rpt=62&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0405 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-5SuP-U2YbNEa97oNffdPsnaOrn_hYYxvtdfmsfqbxNtQxS43EdAdEoy4yNpx3BH5TufQJ5FUUiM2JGKbngiNwK0r_3sHr6azKdeYXOnKV-bXLKlgdW2rivlTMw&sai=AMfl-YTa6GGl5RitlxYfJCaw-8i5KsESUkstpckLiB8Smt4jLxrfFAQN3B-gPO7DWO3x-MQaV-g6DIa981wQ&sig=Cg0ArKJSzCNY3nKcAhP-EAE&id=lidar2&mcvt=1000&p=410,1012,690,1348&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2939141396&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619845959693&dlt=795&rpt=60&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66AF 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMDQVvDkEyn3wvEhVVjHofZvDZP0LgQ4zMUL38_tjTnWDxqW9e0tajeVpi3N3Ro_SZAQafkC0KsdUR29kitR6Tl7awpVNPeU0WA8gFzFvUf0msj_RnDdxrKqY41g&sai=AMfl-YQmAEjUPO4BOv5xfJZWoMn50yH6zguwfJd3J9B7DEB2vT-bWwmix_pBKUtiptSTmvz9DZQOLA_6iqOw&sig=Cg0ArKJSzJZ_M7gbye5VEAE&id=lidar2&mcvt=1000&p=870,245,1150,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3116513679&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619845959709&dlt=762&rpt=962&msd=0&r=v&fum=1&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 05:12:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 logo.png
up-load.io/ds1/img/ 4 KB
4 KB 15ms
15ms Image
image/png 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://up-load.io/ds1/img/logo.png
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c1f2bef7733aa8715bef84ecc9c61bf2f864d4b0b754fc5ee7c671db639b38

Request headers

:path: /ds1/img/logo.png
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101; _ga=GA1.2.720186387.1619845960; _gid=GA1.2.1333354084.1619845960; _gat_gtag_UA_138250031_1=1; __gads=ID=3efea822ebbcd0fb-220697ccbca7004f:T=1619845959:RT=1619845959:S=ALNI_MYQQq4b36oYGTcSvXbqauC4w7Q6og
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:42 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 928351
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3936
cf-request-id: 09c7f0f3c200002bf22ca1b000000001
last-modified: Thu, 28 Mar 2019 13:28:34 GMT
server: cloudflare
etag: "5c9ccc02-f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P8yLvV00hKE6voIn%2BxRjdU7c1Aop08ydUtoqVORhEXFu2FuIYbNDO91RwKVmlwFH3%2FzWZsrFdXFV3zsD2tNIsP0aDG3pJATD1vHk%2BGDOgK%2B56Oc0%2B7OW"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 64868432caa52bf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 logo.png
up-load.io/ds1/img/ 4 KB
4 KB 11ms
11ms Image
image/png 2606:4700:3031::ac43:8a52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://up-load.io/ds1/img/logo.png
Requested by: Host: up-load.io
URL: https://up-load.io/download.html12
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8a52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c1f2bef7733aa8715bef84ecc9c61bf2f864d4b0b754fc5ee7c671db639b38

Request headers

:path: /ds1/img/logo.png
pragma: no-cache
cookie: __cfduid=dc0c348b25e0c3d296772ef1f562620481619845958; lang=english; file_code=ivahv4i9bnny; aff=34101; _ga=GA1.2.720186387.1619845960; _gid=GA1.2.1333354084.1619845960; _gat_gtag_UA_138250031_1=1; __gads=ID=3efea822ebbcd0fb-220697ccbca7004f:T=1619845959:RT=1619845959:S=ALNI_MYQQq4b36oYGTcSvXbqauC4w7Q6og
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: up-load.io
referer: https://up-load.io/download.html12
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://up-load.io/download.html12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:12:42 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 928351
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3936
cf-request-id: 09c7f0f3d100002bf22ca1d000000001
last-modified: Thu, 28 Mar 2019 13:28:34 GMT
server: cloudflare
etag: "5c9ccc02-f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=olhstwDsF%2F7J7axJePMSnzaqlKvMTzMuB4xeRQ4RUjjPbC93flYQxiD7VHJOt9P11LADVgl5oAwkI5Y0ZJw7UFDOuDEA5gcT5HKtkCd%2BXF8amI3VlsEm"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 64868432eacf2bf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:19:01	Name: IDE Value: AHWqTUmFaWOT5ViDW5nUfCyQ1hXYoQmLX8DWf3UMPCf53GGdkVn3EXDZSx92-fmdykA
.up-load.io/	1970-01-20 03:19:01	Name: __gads Value: ID=3efea822ebbcd0fb-220697ccbca7004f:T=1619845959:RT=1619845959:S=ALNI_MYQQq4b36oYGTcSvXbqauC4w7Q6og
.up-load.io/	1970-01-20 11:28:37	Name: _ga Value: GA1.2.720186387.1619845960
.up-load.io/	1970-01-19 18:17:35	Name: aff Value: 34101
.doubleclick.net/	1970-01-19 17:57:26	Name: test_cookie Value: CheckForPermission
.up-load.io/	1970-01-19 17:57:26	Name: _gat_gtag_UA_138250031_1 Value: 1
.up-load.io/	1970-01-19 17:57:29	Name: file_code Value: ivahv4i9bnny
.up-load.io/	1970-01-19 17:58:52	Name: _gid Value: GA1.2.1333354084.1619845960
.up-load.io/	1969-12-31 23:59:59	Name: lang Value: english
.doubleclick.net/	1970-01-19 17:57:29	Name: DSID Value: NO_DATA
.up-load.io/	1970-01-19 18:40:37	Name: __cfduid Value: dc0c348b25e0c3d296772ef1f562620481619845958

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: service worker path (u): /sw.js event domain: https://coaphauk.net
console-api	log	URL: https://cdn.betgorebysson.club/apu.php?zoneid=3968974(Line 1) Message: 0x50005

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.betgorebysson.club
coaphauk.net
csi.gstatic.com
extreme-ip-lookup.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
up-load.io
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
139.45.195.8
139.45.196.143
142.250.186.66
23.111.9.35
2404:6800:4004:80d::2003
2606:4700:3031::ac43:8a52
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
37.48.65.182
02aa7720a28f292170a06052b80a192437ed79746b7697daab5bc59d2b8f42bc
031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259
04c6385c1d95afe498317fd240b6f2a653166d1c07ceb0ed61ccf033c2d64046
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
102d69b8233684dd9b9bc94145fc332453aaa8f4fcf6221b1824ecdd042a693b
11f418cd0f44829c1077c3227cd3782c47fab8021b8e2c664e6d64b3979a5acc
121b3e92013b5adc53acd30db871a40646413f159f2fec6e74bac2abb9f78a46
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
17ec74c69eb8c08a5c82d7126fa307525806b2b9f06cda918c5f750428c40d40
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f3c741cc2a0975148b5daf3086fdcf62f5b59debe152ca1b73145c55dd011a7
1fd84ab151f5015e7c2f6c8f8aff85e8409b55c5282e4cd95de7e942c0428556
240137a07f7906bc0a120b538caaa26f888a08e4ede9007082356afbfa6209e3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31cc0f5d2bee8530885b863470bcc886b92c1ed3ccd73efff3f89abbaf604831
34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0
373af099c37e3f777dbc021dab543f9d2100955ad929871a60a49d292f825d5d
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
481fe954d2ea02603e1212b2deb28dba52ffe8dcf68d6532259bd11cdaf0d537
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
577f932099c76665bd8ab79c16da5b83517c1568f3cf94e2db72179d1cf62203
58d05cacbd0f4ed57e98252a000f3e4b5648cabd396aebdad1ac4d60048ce4d3
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745
64a09d35829fc5f94e946ea2ddb2a1bb956ec602024eba5f0f1ec710505ad4a2
64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a
66dc995d8af6f17d9e3931e5de51ef935684a6cbf609a2284d723292676802c0
66eb3c1537c64ab67613e37489611a5e0cfad383dcb63385b724b838943d8112
67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68c9eb68a466772c3aee13df75cf2e86133fdee8c5f0afa6e230ff71da161ca1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dad21062683990ee2cd6566b5572d157998cb7b25886b148b9ae24936137165
72aed54637c02a7a9f04fdd621299791428a886a5b66d5a7b7af7c0731202903
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7efbd86cc7b38ff4073967d7ec290934fc421eb2ed25ed3ec1592d79826e610c
80b19e42024a344e421539d6556fbcc79ad4ff49e13a0b8c0e77221858ffe6c7
80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e
82394b7e224d8a00b5affd25f30aaffc5f70c6878853e7aae3f7104d7b11fc0a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
99c1f2bef7733aa8715bef84ecc9c61bf2f864d4b0b754fc5ee7c671db639b38
9fce394626cf67b3bd17542a3cb17bc7b3430ea6679612005a2a61213b2488fa
a46a07c3d4d62ab8017abd9b7f57d0eb11209d23e0230720f8220a9175da4d24
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
ac701443fe8d0e7b7e253b6b3c8684c47cc8811e86dbb39eb1b670e046e5c6ab
b128faf2db3afc5cda64e3a00f54dd96e2ebf5b7155c77086cbaec430d08bf2c
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c84c4debc2b70a26e36e4f5cb4df4f7f5a96acbc134dd233138db5622137796d
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
cea77c12410fb5da04759021a3722191759f99e51a621bfe9373e5497beeca5d
d253be9a2a869993c18e3ac35e324897a7add8df64df353e56dafcfe2f85f941
d578608a448c3838819354692fb0e0a540f8ac4bfc53b81cb868530c34b3637f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8655093f5bdfeac39902407102aceb756fe68adbdb159c92664b9ad9b7d90fd
d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973
e0755732306703b493273ce957db779772182ffe2cfacd64f4685fcad72f7e7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

up-load.io Open in urlscan Pro 2606:4700:3031::ac43:8a52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

100 %HTTPS

74 %IPv6

15 Domains

20 Subdomains

19 IPs

5 Countries

1589 kBTransfer

3888 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

up-load.io Open in urlscan Pro
2606:4700:3031::ac43:8a52 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

20
Subdomains

19
IPs

5
Countries

1589 kB
Transfer

3888 kB
Size

11
Cookies

112 HTTP transactions
6 data transactions