urlscan.io logo urlscan.io
SecurityTrails logo

filecr.com Open in urlscan Pro
2606:4700:3031::6815:4efc  Public Scan

Go To Rescan Add Verdict Report
URL: https://filecr.com/en/?id=94640144256
Submission Tags: falconsandbox
Submission: On December 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 9 countries across 73 domains to perform 398 HTTP transactions. The main IP is 2606:4700:3031::6815:4efc, located in United States and belongs to CLOUDFLARENET, US. The main domain is filecr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time filecr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2.18.235.93 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
20 192.0.77.2 2635 (AUTOMATTIC)
3 94.31.29.32 33438 (HIGHWINDS2)
1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
50 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 34.246.244.131 16509 (AMAZON-02)
3 7 185.33.220.216 29990 (ASN-APPNEX)
10 52.28.203.152 16509 (AMAZON-02)
2 3.127.31.101 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 35.156.28.35 16509 (AMAZON-02)
3 35.174.217.176 14618 (AMAZON-AES)
1 178.250.2.131 44788 (ASN-CRITE...)
5 2602:803:c002... 26667 (RUBICONPR...)
4 51.89.9.251 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.18.102 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
34 2a00:1450:400... 15169 (GOOGLE)
8 24 216.58.212.162 15169 (GOOGLE)
3 8 2.18.234.21 16625 (AKAMAI-AS)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 5 35.244.159.8 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 142.250.185.130 15169 (GOOGLE)
1 178.250.2.146 44788 (ASN-CRITE...)
2 3 185.64.190.78 62713 (AS-PUBMATIC)
6 10 69.173.144.139 26667 (RUBICONPR...)
3 185.86.138.131 201081 (SMARTADSE...)
3 3 3.126.56.137 16509 (AMAZON-02)
2 2 3.67.115.59 16509 (AMAZON-02)
4 5 2a05:d018:d29... 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
12 34.95.81.22 15169 (GOOGLE)
4 104.109.78.125 16625 (AKAMAI-AS)
1 2620:1ec:bdf::60 8068 (MICROSOFT...)
1 151.101.129.108 54113 (FASTLY)
2 7 76.223.111.18 16509 (AMAZON-02)
4 7 3.33.220.150 16509 (AMAZON-02)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
5 6 18.195.132.244 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 209.54.176.128 16509 (AMAZON-02)
3 3 64.74.236.95 19024 (INTERNAP-...)
2 104.16.200.58 13335 (CLOUDFLAR...)
1 17 34.251.173.19 16509 (AMAZON-02)
2 67.202.105.21 32748 (STEADFAST)
1 2 216.52.2.19 30282 (AS-INAPCD...)
6 6 213.19.147.44 26120 (RHYTHMONE)
1 50.19.13.13 14618 (AMAZON-AES)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 147.75.38.124 54825 (PACKET)
3 3 151.101.66.49 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
1 54.172.254.117 14618 (AMAZON-AES)
1 1 35.171.214.154 14618 (AMAZON-AES)
2 38.91.45.7 398989 (DEEPINTENT)
1 35.241.40.233 15169 (GOOGLE)
2 2 198.148.27.139 19189 (PULSEPOINT)
4 199.187.193.185 47043 (SMARTADSE...)
2 2 52.215.67.233 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 185.33.221.88 29990 (ASN-APPNEX)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 157.90.157.235 24940 (HETZNER-AS)
3 3 70.42.32.31 22075 (AS-OUTBRAIN)
1 1 54.85.186.77 14618 (AMAZON-AES)
1 1 34.199.172.6 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 1 104.111.215.191 16625 (AKAMAI-AS)
2 2 52.31.83.126 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 2.18.233.180 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.43 2514 (INFOSPHER...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
398 73
21    2606:4700:3031::6815:4efc (United States)

ASN13335 (CLOUDFLARENET, US)
filecr.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
32    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
i2.wp.com
i1.wp.com
i3.wp.com
3    94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2606:4700:3035::6815:5fcf (United States)

ASN13335 (CLOUDFLARENET, US)
webcrx.io
23    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
adservice.google.de
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
50    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    34.246.244.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
ads.servenobid.com
7    185.33.220.216 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
10    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    3.127.31.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-31-101.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    35.156.28.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    35.174.217.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-217-176.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
5    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net
ad.doubleclick.net
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
15    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
34    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
24    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
8    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    185.86.138.131 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    3.67.115.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-115-59.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    2a05:d018:d29:3601:dff7:6d91:8da4:96a3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
12    34.95.81.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.81.95.34.bc.googleusercontent.com
c.4dex.io
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2620:1ec:bdf::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    18.195.132.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-132-244.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    64.74.236.95 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
17    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    50.19.13.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-13-13.compute-1.amazonaws.com
jadserve.postrelease.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    54.172.254.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-254-117.compute-1.amazonaws.com
rtb.adentifi.com
1    35.171.214.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-214-154.compute-1.amazonaws.com
nep.advangelists.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    52.215.67.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-233.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    2606:4700::6810:76c3 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
1    157.90.157.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.157.90.157.clients.your-server.de
bidswitch-eu.splicky.com
3    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    54.85.186.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-186-77.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.31.83.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-83-126.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.43 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
Apex Domain
Subdomains		 Transfer
85 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
882 KB
51 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
334 KB
34 2mdn.net
s0.2mdn.net
585 KB
21 filecr.com
filecr.com
222 KB
20 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
31 KB
20 yahoo.com
c2shb.ssp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
13 KB
20 wp.com
i0.wp.com
i2.wp.com
i1.wp.com
i3.wp.com
66 KB
17 gumgum.com
g2.gumgum.com
rtb.gumgum.com
5 KB
15 ampproject.org
cdn.ampproject.org
306 KB
15 4dex.io
script.4dex.io
mp.4dex.io
c.4dex.io
25 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
157 KB
10 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
25 KB
10 servenobid.com
ads.servenobid.com
public.servenobid.com
7 KB
9 google.com
adservice.google.com
www.google.com
2 KB
8 casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 openx.net
us-u.openx.net
rtb.openx.net
u.openx.net
867 B
6 googletagservices.com
www.googletagservices.com
209 KB
5 googleapis.com
fonts.googleapis.com
4 KB
4 1rx.io
sync.1rx.io
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
7 KB
4 onetag-sys.com
onetag-sys.com
2 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
6 KB
4 sharethrough.com
btlr.sharethrough.com
match.sharethrough.com
930 B
3 outbrain.com
sync.outbrain.com
1 KB
3 everesttech.net
sync-tm.everesttech.net
741 B
3 zemanta.com
b1sync.zemanta.com
2 KB
3 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
960 B
3 google.de
adservice.google.de
1 KB
3 buysellads.net
cdn4.buysellads.net
187 KB
2 creativecdn.com
creativecdn.com
695 B
2 360yield.com
ad.360yield.com
615 B
2 glotgrx.com
pre.glotgrx.com
392 B
2 bidr.io
match.prod.bidr.io
1 KB
2 contextweb.com
bh.contextweb.com
824 B
2 deepintent.com
match.deepintent.com
83 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
942 B
2 lijit.com
ce.lijit.com
1 KB
2 33across.com
pixel.33across.com
ssc-cms.33across.com
2 yabidos.com
pixel.yabidos.com
25 KB
2 criteo.net
static.criteo.net
53 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 media.net
contextual.media.net
cs.media.net
137 KB
2 cloudflare.com
cdnjs.cloudflare.com
33 KB
1 socdm.com
tg.socdm.com
695 B
1 emxdgt.com
cs.emxdgt.com
1 mathtag.com
sync.mathtag.com
656 B
1 bluekai.com
stags.bluekai.com
1 KB
1 technoratimedia.com
sync.technoratimedia.com
292 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
612 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 quantserve.com
pixel.quantserve.com
512 B
1 brand-display.com
dmp.brand-display.com
253 B
1 advangelists.com
nep.advangelists.com
232 B
1 adentifi.com
rtb.adentifi.com
88 B
1 rlcdn.com
id.rlcdn.com
1 a-mo.net
prebid.a-mo.net
311 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 rfihub.com
p.rfihub.com
754 B
1 postrelease.com
jadserve.postrelease.com
427 B
1 bing.com
c.bing.com
592 B
1 linkedin.com
px.ads.linkedin.com
704 B
1 mrtnsvr.com
ad.mrtnsvr.com
218 B
1 omnitagjs.com
hb-api.omnitagjs.com
703 B
1 googleadservices.com
partner.googleadservices.com
644 B
1 webcrx.io
webcrx.io
2 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
0 advertising.com Failed
sync.adaptv.advertising.com Failed
398 73
Domain Requested by
50 tpc.googlesyndication.com googleads.g.doubleclick.net
filecr.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
cdn.ampproject.org
34 s0.2mdn.net filecr.com
s0.2mdn.net
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
32 pagead2.googlesyndication.com filecr.com
pagead2.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
www.googletagservices.com
24 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
eb2.3lift.com
g2.gumgum.com
21 filecr.com filecr.com
16 rtb.gumgum.com 1 redirects g2.gumgum.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
filecr.com
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
12 c.4dex.io filecr.com
10 c2shb.ssp.yahoo.com cdn4.buysellads.net
9 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
7 match.adsrvr.org 4 redirects eb2.3lift.com
ssum-sec.casalemedia.com
7 eb2.3lift.com 2 redirects cdn4.buysellads.net
eb2.3lift.com
7 ib.adnxs.com 3 redirects cdn4.buysellads.net
googleads.g.doubleclick.net
acdn.adnxs.com
7 www.gstatic.com googleads.g.doubleclick.net
7 i1.wp.com filecr.com
6 x.bidswitch.net 5 redirects eb2.3lift.com
6 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
6 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 www.google.com 3 redirects tpc.googlesyndication.com
filecr.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
filecr.com
6 www.googletagservices.com cdn4.buysellads.net
googleads.g.doubleclick.net
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
5 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
5 fonts.gstatic.com fonts.googleapis.com
5 fastlane.rubiconproject.com cdn4.buysellads.net
5 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
5 i3.wp.com filecr.com
5 i0.wp.com filecr.com
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com cdn4.buysellads.net
eus.rubiconproject.com
g2.gumgum.com
4 googleads4.g.doubleclick.net filecr.com
4 us-u.openx.net 2 redirects googleads.g.doubleclick.net
4 onetag-sys.com cdn4.buysellads.net
public.servenobid.com
3 sync.outbrain.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 b1sync.zemanta.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 ssbsync.smartadserver.com 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
public.servenobid.com
g2.gumgum.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 cdn4.buysellads.net filecr.com
3 i2.wp.com filecr.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 pre.glotgrx.com mantodea.mantisadnetwork.com
2 secure.adnxs.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 bh.contextweb.com 2 redirects
2 match.deepintent.com ssum-sec.casalemedia.com
g2.gumgum.com
2 sync.targeting.unrulymedia.com 2 redirects
2 ce.lijit.com 1 redirects public.servenobid.com
2 ssum-sec.casalemedia.com public.servenobid.com
ssum-sec.casalemedia.com
2 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
2 match.sharethrough.com 2 redirects
2 ads.yahoo.com googleads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 mantodea.mantisadnetwork.com cdn4.buysellads.net
2 btlr.sharethrough.com cdn4.buysellads.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com filecr.com
cdnjs.cloudflare.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssc-cms.33across.com g2.gumgum.com
1 ads.pubmatic.com g2.gumgum.com
1 sync.mathtag.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 u.openx.net g2.gumgum.com
1 bidswitch-eu.splicky.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 id.rlcdn.com
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 jadserve.postrelease.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 acdn.adnxs.com cdn4.buysellads.net
1 public.servenobid.com cdn4.buysellads.net
1 rtb.openx.net 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 mug.criteo.com gum.criteo.com
1 bidder.criteo.com cdn4.buysellads.net
1 tlx.3lift.com cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 webcrx.io filecr.com
1 www.googletagmanager.com filecr.com
1 contextual.media.net filecr.com
0 sync.adaptv.advertising.com Failed 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
398 109

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-12-06 -
2022-01-26		 2 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
c.4dex.io
GTS CA 1D4		 2021-12-24 -
2022-03-24		 3 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh

This page contains 51 frames:

Primary Page: https://filecr.com/en/?id=94640144256
Frame ID: DC08EFE9354EDB579FD6CF7B04FDA819
Requests: 112 HTTP requests in this frame

Frame: https://webcrx.io/extension/comm
Frame ID: 4323A9DB5DA70BDA1147BD58B7537656
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: BA57671FD2F5A3D795A54F8ACEC7FCE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1640746957&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957152&bpp=2&bdt=444&idt=123&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2277599080302&frm=20&pv=2&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=143
Frame ID: B77B2012B5996612D039CC968136DDBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Frame ID: DEDE3C2F9BAE0C76CC7C520E7D586276
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Frame ID: E8886101D226E34C11EE1451C8B2F7DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3DFF2977705D2DDC1284FB23C5A42586
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Frame ID: 69C713AABBA6E2442E79981C530E6927
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 2340B89C630C95A172D7800F453EACCC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 605A1BD8A568E2AD17717147D0B18B90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html
Frame ID: 88D81EDC06835DE37529209F45614520
Requests: 14 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_pre=CNfd6tyCiPUCFc7GuwgdPN0CiQ;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 4FCD6E1740250C9672C7B75C88F397E0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EDE1E195661B2D3A60F4326D5BE730C3
Requests: 2 HTTP requests in this frame

Frame: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6B482F472C59D196653BC38A56AA36F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FC142296F5958A44C0A92337430F06A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C7F25C3E809ED87FC122D6267780CF2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: AC1243C67B255EB78E9AA949ABB8DB81
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: A9CE0D11D4CDE464C3EE41FD440A56BA
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 7C2B0F42CF9F83341E06669EFFD1548B
Requests: 15 HTTP requests in this frame

Frame: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FE07D5D746AA1E90D2F857B2886095D8
Requests: 14 HTTP requests in this frame

Frame: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 514FA9A5CF4BEA7DB2523470E9A5133A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNXI7KO7UZVCRA-szri8b51xIJvaCFnaPW_OzbXrZhnk-hHk4aSmw9azL4w-2qY5iOdzrz4HABUAnwUUZGUzj6NUj1rfevS92hJxCT3QEe_9bUjNeQc
Frame ID: 7FE56EC077D27EBE9C9768E5F487E7E4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUwhN4NO_j5lGqLvHM1LONj7krveRoTN7LFs_r1PE0--OInLuN0Pj-m-KdFypWrX9x2v55b4z023YcoavinmA2oLBAvsvuDQtAuRr4MzRpvE3Ai0hY
Frame ID: 624527E69533A8169513C97EE2BA7B55
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Frame ID: 39343EA43FC655615517BD63526D3B26
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Frame ID: FC4370F2BCE0D4975C3197891CBEAEE3
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Frame ID: F0EEE6096A553BA3ABDBE0DA896CB4AE
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15AEC6460F816625A617CCBEF16910AB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE53547CC4703DD3A712AFEEBC1029D8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 542138AA4F6BBD304E812050C860D727
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 46CCC50CF7BFDF835DAAA0526DE53CE6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 74B23D7B9D73CFEC2F709EB1BF924B36
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 4CE88170C5861A38C2A49528785086E7
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 58F07527965EBA6417E7172BD9238339
Requests: 3 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1640746958054&secure=true&version=9&uuid=87237068-ec04-412e-bff0-c0f9aeeaf403&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256
Frame ID: 7FC4727C0DCBA0F231D52950E987681B
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1640746957854
Frame ID: 96BBF27C45D9E42B018D021F017AE4CA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 61C8555C15B01B0BFD71315971121A32
Requests: 11 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 1EE90DEFD8D2723EB9C8175AE5B3A98C
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: F3F31778F48A75EB4C5CC0B8EA0283D2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 882D3D23241EF5ED980C7BDA8992A3A7
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 6ED18B41AD809D21A1A4A7A4B598A9C5
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: FF4CD5E32A7F489CC847BF1C1A014589
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=c52061cb-cfd1-4600-a448-0399dd0bfb45&gdpr=0&gdpr_consent=
Frame ID: 91337DE429F9CD0BF7BEF35C1145FE84
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YcvP0QABcWXrMwAF&gdpr=0&gdpr_consent=
Frame ID: 1BAFF84EF517C6492C22FB1B7443398C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mMzUxM2JiZi01YmNiLTRiZDUtOGIyMi0yMWZkY2M3ZTZkMmY=&gdpr=0&gdpr_consent=
Frame ID: 3417DEADB2AD2745B6CCA7582F932F6C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 18384B2C9CDFF95F4F21B1716EEACF52
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 8FBFAC53EE43693B6F7E190570F28174
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=34e83a71-ac15-43fc-a517-573939a26801&t=1643338961
Frame ID: 658379D6635268D88A5BD28A01CFE715
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: AF14F3E37B27C34F72F533F62B4DDD67
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 429DAB0E71FBA2E493F7BE530D98C01E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YcvP0sCo8YQAAESP3.kAAAAA
Frame ID: A7389006B84D9328879B1805F6700E12
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=Y1x5ssw45UM0ZE4Jcyw5&pi=gumgum&tc=1
Frame ID: EA4BAF98700E5822E73A7E6A07A241BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FileCR - THE BIGGEST SOFTWARE STORE

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

398
Requests

85 %
HTTPS

31 %
IPv6

73
Domains

109
Subdomains

73
IPs

9
Countries

3383 kB
Transfer

8907 kB
Size

77
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_pre=CNfd6tyCiPUCFc7GuwgdPN0CiQ;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 142
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 219
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 220
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1&C=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcvPziZtjvbL1RXKY0SD4wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPuHdcvAmCDuez9eDQOkUZU&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNTQzNDM4NDI5MjQ4Njk3Mw%3D%3D
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN9JnYLnbO4y24NLF1YRNVE&google_cver=1
Request Chain 250
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=QGUnJXxHWm5tNzBnMmdnbnNEN0FyeWwvakQrQnI2NGxaSUZoVkdkYmx5T3pVa0ZHMmF4bTBmRGlMR0kzb0ZoVllhbzhNZFBGOTNEd1VYQ3ZaZktZbzhwRnBGMUtLdGc2MEd1b1Q4VmlRQTR4K0JaZlBpdDEwcG9PbXUyOGZBS1R0WVJodS9HMFBsc0MyRTcxc0FDa1FDZG5vQ1JFbUFwcW4rWFBHYXpIOXR0T1U4RnJSdEtveVYvRk5XNm1wY05kTWRBclJkd3dqV2dObkxsb3RYOFFNNFV1MFhDbmREV3hjSzczYWpsT284MHZmckZMZHVnQ3duR09NbFl0dVV6RkhGS2I5SWYzMzhkQWNzSm1UVTZwYkJSb0Fkdz09fA&cppv=2
Request Chain 258
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHRXKREDI3HJB4bgCdlP_Ag&google_cver=1&google_push=AYg5qPJOoFUCvgMFI-QboJO3YtzdT694Q83bhsdU9-HXIVR0-_-ne1Y1NJmT8n8zijpDDwJkdfESsEDXm_sNU3inkP_wagkWB8j2 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHRXKREDI3HJB4bgCdlP_Ag&google_cver=1&google_push=AYg5qPJOoFUCvgMFI-QboJO3YtzdT694Q83bhsdU9-HXIVR0-_-ne1Y1NJmT8n8zijpDDwJkdfESsEDXm_sNU3inkP_wagkWB8j2&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uZXKfI1IT9iCXjSBvn24bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOoFUCvgMFI-QboJO3YtzdT694Q83bhsdU9-HXIVR0-_-ne1Y1NJmT8n8zijpDDwJkdfESsEDXm_sNU3inkP_wagkWB8j2
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwwolVGh3swjKP6ltB-ivc&google_cver=1&google_push=AYg5qPLdcWBsFzjIL7cVpRBqrnGtdd_XLJ1lts0JF0xlLgMbBVc8iEXQPYyEMvaNqw162vqNLLbIjRquHzcBbcvi7_f26f2ZNmP4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPLdcWBsFzjIL7cVpRBqrnGtdd_XLJ1lts0JF0xlLgMbBVc8iEXQPYyEMvaNqw162vqNLLbIjRquHzcBbcvi7_f26f2ZNmP4
Request Chain 260
  • https://cs.media.net/cksync?type=g&google_gid=CAESED-JT1FBo_Lz1WciDi7jWSU&google_cver=1&google_push=AYg5qPK9Wj0ooRNFURN6mjy8mWfumdUOiRybJlGYBKziG45FQ7ck63L9qlYLYzgQGKKaCTzXTPPWt170F6Ungv-BdqRvTpcJW0dZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&mn_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK9Wj0ooRNFURN6mjy8mWfumdUOiRybJlGYBKziG45FQ7ck63L9qlYLYzgQGKKaCTzXTPPWt170F6Ungv-BdqRvTpcJW0dZ&gdpr=&gdpr_consent=
Request Chain 262
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJrSMRHPeDuq_mN6CVSk-nM&google_cver=1&google_push=AYg5qPIXn7DFAoGUvBX4KXcvTW5ofYOAIqIaXkbe_j_jMvUZXy4ovin5p5TtQcPxrrnvWjSknidzXGrBjuB8e0Qi_rTrdZz285bq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPIXn7DFAoGUvBX4KXcvTW5ofYOAIqIaXkbe_j_jMvUZXy4ovin5p5TtQcPxrrnvWjSknidzXGrBjuB8e0Qi_rTrdZz285bq
Request Chain 263
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECmF36NjMKpmGuWce8Zy1C4&google_cver=1&google_push=AYg5qPIkgikdFTJfEMtdeU77Ata6ca3SRZdfeJvosVLz7Nrk7FzLXRz6WenDnPjm8n1r3P9LjMfxTPJ1DHsNXR79kgz_w68tuE0vKw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmI2ZDJhZWUtNzA5ZC00NjEwLWE5MmYtYTdkNzA1Zjk0NDkz&google_push=AYg5qPIkgikdFTJfEMtdeU77Ata6ca3SRZdfeJvosVLz7Nrk7FzLXRz6WenDnPjm8n1r3P9LjMfxTPJ1DHsNXR79kgz_w68tuE0vKw
Request Chain 265
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDwpQT9BtCF2jRR42dk7KVI&google_cver=1&google_push=AYg5qPJO0xjnAPP-KjiB1OIv4U6BRH65fyef-0quHhVmrZ4SnlXDNMGw_bSkbPw_xT11RMZEJLGeAQ5Bi225s-OpPxh6zDFGDlq9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJO0xjnAPP-KjiB1OIv4U6BRH65fyef-0quHhVmrZ4SnlXDNMGw_bSkbPw_xT11RMZEJLGeAQ5Bi225s-OpPxh6zDFGDlq9&google_hm=NTA5NzQ3MDU0MzA2NDk2NzczMQ%3D%3D
Request Chain 267
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwwolVGh3swjKP6ltB-ivc&google_cver=1&google_push=AYg5qPKycSpPB5dUMNIgHQ42CVjRWg7ILhZfuuo--Buty373E9k86uTUx48yce1L3r3zlu-6TW6ktf3uiaIZsmfQcI7xdZBVz80V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPKycSpPB5dUMNIgHQ42CVjRWg7ILhZfuuo--Buty373E9k86uTUx48yce1L3r3zlu-6TW6ktf3uiaIZsmfQcI7xdZBVz80V
Request Chain 268
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_cver=1&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1
Request Chain 269
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEOkSMzpGKuaNO35lTq6C9wo&google_cver=1&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
Request Chain 270
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJrSMRHPeDuq_mN6CVSk-nM&google_cver=1&google_push=AYg5qPJNYPrvwYIKrPckZTGvCpVsZZrA6fqHL3Djl-cwInFhOWE4NvgjXI4alUAsT1mVBnbGQVgUbvLC4_fm8vEKb4IWs15eBjdmhg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPJNYPrvwYIKrPckZTGvCpVsZZrA6fqHL3Djl-cwInFhOWE4NvgjXI4alUAsT1mVBnbGQVgUbvLC4_fm8vEKb4IWs15eBjdmhg
Request Chain 271
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECmF36NjMKpmGuWce8Zy1C4&google_cver=1&google_push=AYg5qPLD7pwEJXfEU02BhYry5rQv9Z0CFT0LDbp5ZBYW4FaG9G1gsSAGePlG8xFdaFPk7-lPPcMzaPbIEFI_RA1RrxpBHCchv3aa2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Yzg4YjM4ZGUtMzE4Mi00NjY0LWI2MWMtMzEzNzEwMDliNzZm&google_push=AYg5qPLD7pwEJXfEU02BhYry5rQv9Z0CFT0LDbp5ZBYW4FaG9G1gsSAGePlG8xFdaFPk7-lPPcMzaPbIEFI_RA1RrxpBHCchv3aa2Q
Request Chain 317
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 321
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=EEwhVDbfp&dongle=u6nf
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIiYJk-M4owWPo82ybyK-v8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 323
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMjQ1NjY2MjEyMzgzMDU5OTM%3D
Request Chain 325
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/10324566621238305993?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-L_aJ5xZE2oSYkR1k4S3X7829aEayu4RQvdOQGST6CQ--~A&dongle=0883
Request Chain 328
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10324566621238305993 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10324566621238305993&dcc=t
Request Chain 329
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 332
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=34e83a71-ac15-43fc-a517-573939a26801
Request Chain 338
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7225434384292486973
Request Chain 339
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 340
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1995151955 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/34e83a71-ac15-43fc-a517-573939a26801 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
Request Chain 342
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5123196420901286746
Request Chain 344
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=813d5567-f0da-4ea5-b4bd-5e7d096a7d66&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 345
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-P8dSUM1E2uGORDhmHWRPwMzrcmZamstJ9KfW82M-~A
Request Chain 347
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzEzN2NhMzUxNWE3NTA3ZjYzNDllZmZiZTg5NWVlMjA4ZDM5MmY1ZA
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbRkEtwyiQiMqpS5hMt_gk&google_cver=1
Request Chain 349
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YcvP0QABcWXrMwAF HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcvP0QABcWXrMwAF&_test=YcvP0QABcWXrMwAF
Request Chain 351
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXQYDJBC-Q-JMKE&sigv=1&esig=2~3782bd80cda1e0154be95901d50402f850a1949a
Request Chain 352
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3njT9jXCHBfbrExhBWekVA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5097470543064967731
Request Chain 353
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_cver=1
Request Chain 357
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&dcc=t
Request Chain 360
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ebb80216-4ab3-4a05-a045-2bd9aa9242a3
Request Chain 365
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=KRxk1EzJ5W1Q&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 366
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=ADnlKE7Dl6AAAEtrjHsDFQ&gdpr=0
Request Chain 367
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=GqjiG0__5UgBr7AdTf-sTxupt0ABqrFKSK6dzkCQ
Request Chain 368
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7225434384292486973&gdpr=0&gdpr_consent=
Request Chain 371
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7225434384292486973
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6d60707b-f46c-48ff-9d11-78f46152ddec HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=6d60707b-f46c-48ff-9d11-78f46152ddec HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=6d60707b-f46c-48ff-9d11-78f46152ddec
Request Chain 373
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28wxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28wxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&obuid=ENC(wxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3Dwxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp%26uid%3D
Request Chain 374
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=4d462119-c6ee-48d5-8599-72a6f8a96c07
Request Chain 375
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-2cd3ef61-c47a-4400-67b0-3b0397e5eecc$ip$91.199.118.74
Request Chain 376
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-bFcSU5JE2peJg.D281Z1d8k2BN1rIrzZSGxu~A
Request Chain 377
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=c9c0261a-6853-11ec-993e-eb5bec7e4584
Request Chain 380
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=k1cj8SIVmZWULBMlX7o0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22ZRMNVDQU2JKZWVUV2VJRBE23CYG5XTAJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22ZRMNVDQU2JKZWVUV2VJRBE23CYG5XTAJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=k1cj8SIVmZWULBMlX7o0&us_privacy=1---
Request Chain 381
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=dc2fdacf-c43e-4b8e-b5a5-125f2b9a21d3
Request Chain 382
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003&rndcb=2213315336 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=6d60707b-f46c-48ff-9d11-78f46152ddec&google_hm=NmQ2MDcwN2ItZjQ2Yy00OGZmLTlkMTEtNzhmNDYxNTJkZGVj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEG8XJvKEESEZdlZ3qDGByEs&google_cver=1&ssp=adconductor&bsw_param=6d60707b-f46c-48ff-9d11-78f46152ddec HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/6d60707b-f46c-48ff-9d11-78f46152ddec?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
Request Chain 383
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=lAAzrWCN5soI&ev=1&pid=558355
Request Chain 386
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=c52061cb-cfd1-4600-a448-0399dd0bfb45&gdpr=0&gdpr_consent=
Request Chain 387
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YcvP0QABcWXrMwAF&gdpr=0&gdpr_consent=
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=34e83a71-ac15-43fc-a517-573939a26801&t=1643338961
Request Chain 392
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 394
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YcvP0sCo8YQAAESP3.kAAAAA
Request Chain 395
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=Y1x5ssw45UM0ZE4Jcyw5&pi=gumgum&tc=1

398 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
filecr.com/en/ 		145 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27 PleskLin
Resource Hash
c5c9293a7bd9fb7e0f9d30e981977350a6ae08773847d1af5d3f6abe971caee9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.27 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://filecr.com/wp-json/>; rel="https://api.w.org/", <https://filecr.com/wp-json/wp/v2/pages/57680>; rel="alternate"; type="application/json", <https://filecr.com/?p=57680>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YQb%2F%2Bpo1V5YlxNTUh96aougAkAnxxZAXgMWJi1m3w%2B4ackCzC%2BKQKKhtFYRpX%2BQtjkGeSy%2B9ieE6d4SEqfWdFzD%2FA5F8CJX2jPh56%2BnOTgHwWSPdMa9Jd9R5Rs7obKnz%2BXQuGsOUR4C"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c4fca5df9314ec2-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5352090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2222
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-32ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL%2BPwB3XTmiVFnadmZ4YsTClC9jnh0Te1TqYn0Gu2e8Voi7R8eXb%2F%2BotGL6gqgnGkQD62FzgjYmmibsyVp7uOi5WvYZDl8TUBmHMwiNBqb094IwKCn5MJvrDjLciBa3jMze%2FX82%2BbTYhgTXCORHnFHD1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c4fca5fab13692d-FRA
expires
Mon, 19 Dec 2022 03:02:36 GMT
style.min.css
filecr.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1045
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-13abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vqufe2R6b0NJddg1iWBjP2Xk028gPVqeY3r55Sap7A8ga%2BgIDnWfqceInX0uFzEUoqJJfgDZY5FZ93u5f%2F4ddrxgI27%2BKd1izTtsp4A88ms%2FsoyY2o1xuCfUq4YhQcV%2F9jKxnV5ErjD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6c4fca5f9a544ec2-FRA
style.css
filecr.com/wp-content/themes/filecr/ 		61 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/style.css?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1045
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"19c-5cc72c9e32d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDUjYHB9W26FtDjMfd5QlaV%2F1UA9SkobGGd%2Bdl%2BEUnqmq%2Fp85ljfAZSYnZSln4sfdadurt7qvdxN06trP%2BF6As%2F1dBlEnexIiiE%2BbLbv2DcBhgdMWY0US8NUStjHWi%2BtM99cdN9fqNbe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=412
cf-ray
6c4fca5f9a564ec2-FRA
cf-bgj
minify
style.min.css
filecr.com/wp-content/themes/filecr/assets/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/css/style.min.css?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1369
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-1adb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g17nbBudS3xGxZfHCT9RX0ajyH8wr9PD9CxlRyJu6Rc%2Fut1RZMvH1ZJQqIMYxq7hNO8ON%2FOqAPp41G5PqxMKX7R86RlfefXOXTFoK%2F5xA0%2FMJj0WEKoi%2B49Oael2xc9RbBWTZVXKBk7N"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6c4fca5f9a574ec2-FRA
main.js
filecr.com/wp-content/plugins/wp-custom-parameter/js/ 		245 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/wp-custom-parameter/js/main.js?ver=1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1369
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 13:43:35 GMT
server
cloudflare
etag
W/"10e-5cc95b36c8687-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0DjieQsWTiRlHRryvhVuFYOmgvmq0%2FyqwhEXnW4niiHyRr28q0MYOAVIAw52PcxDEBd7ZmCHysqt5Y9VgU1rrkcf8auS8oV6EW2vExauetA2eaRyxrmlyISjXQhTE%2BeZUW8fznqOra1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=270
cf-ray
6c4fca5f9a584ec2-FRA
cf-bgj
minify
jquery.min.js
filecr.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
911
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysGOElnqw0btxPyQwBX1RxM2C4f0i3luxHaIy%2BQgPqzLyyK1c%2BoGTfLYmh26FykgNEkaFGapuBQQA796BTRKS8Vlzp5TpAq4lZ%2F2Mzcy7Dy5G5%2FDEFuxbdepxNgU6QlIJ62G9eNN8z1W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca5f9a594ec2-FRA
jquery-migrate.min.js
filecr.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
911
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAsA20aTE%2FvmNrsn89KLViaPW4TXzeIJNTOq4B23tnUn0pGZpNt5Jq9X%2BJ%2FK5OC8p%2BmEfH1fwr2Kc%2Fs0slqkNskpYHSL0RRLJM1NdqiP8Jm80%2FEmCQ7mj%2FYtm7IG9jToaPVLaGokQ5Zo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca5f9a5b4ec2-FRA
advanced.min.js
filecr.com/wp-content/plugins/advanced-ads/public/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.30.5
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 09:45:33 GMT
server
cloudflare
etag
W/"61bc5c3d-29e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE16ShBNn0KnlPIiPF2U0yaTob9YUivpq6zu3bMM%2F0CmpF5vHpbkkPDW5drO97GZdFAb44PFkzt8zTFAN5DiDCqY3lw9S6VHz0tSpE74o6aetQ%2FavSBFrDU%2B7VFbJi5IiijldGfzQvHc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca5f9a5c4ec2-FRA
dmedianet.js
contextual.media.net/ 		427 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU709Q2E
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c243f28e05a28a4ad9180436c1bf4aa6962dec59e38574870059ab303826181
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-mnt-h
8-19
content-encoding
gzip
server
Apache
etag
"c6a33aa92d949f114a472dd8f418dc6c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 29 Dec 2021 03:02:36 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-7
expires
Wed, 29 Dec 2021 03:07:36 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf1bcf9639febe995799b0428801b7af38d5fd7e3b7249e7a9da6314903d1817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36182
x-xss-protection
0
expires
Wed, 29 Dec 2021 03:02:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd4bc3d38632c492c786a8aee8289354144e0fe91f2844cf3013a95a9ad4873c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51732
x-xss-protection
0
server
cafe
etag
3409492205450485460
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Dec 2021 03:02:36 GMT
Icon_Blackmagic-Design-DaVinci-Resolve-Studio_free-download.png
i0.wp.com/filecr.com/wp-content/uploads/2018/12/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2018/12/Icon_Blackmagic-Design-DaVinci-Resolve-Studio_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b1af9aaef658c2ddc16c0fe26521401658b8002a70c28fefcabfec92ec168edd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:19:51 GMT
server
nginx
etag
"563260762a898bd3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/12/Icon_Blackmagic-Design-DaVinci-Resolve-Studio_free-download.png>; rel="canonical"
content-length
3322
expires
Fri, 31 Mar 2023 01:19:51 GMT
icon_Avid-Media-Composer_free-download.png
i2.wp.com/filecr.com/wp-content/uploads/2019/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2019/01/icon_Avid-Media-Composer_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c2605b319ff5cdee21d71e6b7cf0a187464bafa48b2ba4947bbd52ca1991bb8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:16:32 GMT
server
nginx
etag
"ce52ce346545368b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/01/icon_Avid-Media-Composer_free-download.png>; rel="canonical"
content-length
3516
expires
Fri, 31 Mar 2023 01:16:32 GMT
Icon_Glary-Utilities-Pro_free-download.png
i1.wp.com/filecr.com/wp-content/uploads/2020/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/04/Icon_Glary-Utilities-Pro_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a74f6799343afa74391d7dd24a0a1b505cdf058388ee6eda58ca1dcd646c8ab5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:04:37 GMT
server
nginx
etag
"7df36871d1fa0bf4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/Icon_Glary-Utilities-Pro_free-download.png>; rel="canonical"
content-length
2920
expires
Fri, 31 Mar 2023 01:04:37 GMT
Icon_McAfee-Endpoint-Security_free-download.png
i0.wp.com/filecr.com/wp-content/uploads/2020/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/02/Icon_McAfee-Endpoint-Security_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2eb904635f4a0a4fcd66a4ae7d124d6f0fc8083da97a8292eb31357e17845783
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 13:43:19 GMT
server
nginx
etag
"5aa6d5d65fb445c5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/02/Icon_McAfee-Endpoint-Security_free-download.png>; rel="canonical"
content-length
1926
expires
Sat, 01 Apr 2023 01:43:19 GMT
Modified-Win10PE-Logo.png
i0.wp.com/filecr.com/wp-content/uploads/2018/12/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2018/12/Modified-Win10PE-Logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
54ad1caf60fbffae863420db4245b613cfd4793d9fe8cf36b45cf6c95c5819ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:41:59 GMT
server
nginx
etag
"1b4d2a2e06240248"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/12/Modified-Win10PE-Logo.png>; rel="canonical"
content-length
2556
expires
Fri, 31 Mar 2023 02:41:59 GMT
Icon-Boris-Continuum-free-download.png
i1.wp.com/filecr.com/wp-content/uploads/2019/06/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2019/06/Icon-Boris-Continuum-free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
d4996b52af6d07e8ed85e129fe2d1a9938bf1a1dcea880cb6ec28d541e2c98b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:34:33 GMT
server
nginx
etag
"e7324648ed33ce28"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/06/Icon-Boris-Continuum-free-download.png>; rel="canonical"
content-length
3556
expires
Fri, 31 Mar 2023 01:34:33 GMT
Icon_4K-Video-Downloader_Free-download.png
i1.wp.com/filecr.com/wp-content/uploads/2018/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_4K-Video-Downloader_Free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
16b9e32d2030053b8337c5597c606a4903c783429172b9b47375821b60eb8c19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:04:37 GMT
server
nginx
etag
"3aa3f93d2a4a815a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_4K-Video-Downloader_Free-download.png>; rel="canonical"
content-length
3842
expires
Fri, 31 Mar 2023 01:04:37 GMT
DxO-PhotoLab.png
i3.wp.com/filecr.com/wp-content/uploads/2021/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2021/07/DxO-PhotoLab.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
71f583214fcb1560b3ad698a28a9d949c28f879167c163b3d82ccd391ef8e5bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Oct 2021 17:45:13 GMT
server
nginx
etag
"813e33a3737df5d7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/07/DxO-PhotoLab.png>; rel="canonical"
content-length
2894
expires
Sat, 07 Oct 2023 05:45:13 GMT
truecaller-caller-id-block-logo.png
i1.wp.com/filecr.com/wp-content/uploads/2021/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2021/11/truecaller-caller-id-block-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
fc1ff38f1bca2b62914aa0295958396d8c3ace42dfd9e53be5c53a860f8f206f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Sat, 25 Dec 2021 14:58:12 GMT
server
nginx
etag
"e9bdd4146dce1f71"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2021/11/truecaller-caller-id-block-logo.png>; rel="canonical"
content-length
2852
expires
Tue, 26 Dec 2023 02:58:12 GMT
filmorago-logo.png
i2.wp.com/filecr.com/wp-content/uploads/2020/08/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2020/08/filmorago-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9aa257c1850506a2fae07305fd07b9fd30da894d386d3775581b947324c2b577
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:34:30 GMT
server
nginx
etag
"ce9efbb4c42b701c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/08/filmorago-logo.png>; rel="canonical"
content-length
1504
expires
Fri, 31 Mar 2023 01:34:30 GMT
battery-guru-battery-monitor-battery-saver-logo.png
i0.wp.com/filecr.com/wp-content/uploads/2020/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/11/battery-guru-battery-monitor-battery-saver-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ec9f2d07e957d112e0a80e5a33439184d9c87a8df31ed2cbc3256a9c293e0e0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:06:12 GMT
server
nginx
etag
"03cd178a5fd6ee07"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/11/battery-guru-battery-monitor-battery-saver-logo.png>; rel="canonical"
content-length
1926
expires
Fri, 31 Mar 2023 02:06:12 GMT
1tap-cleaner-logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/04/1tap-cleaner-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1c61a31466f21adef51634ed9a8bfd6b994b1984873956c6e17a3ecfbc87e423
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 18:36:27 GMT
server
nginx
etag
"e4137ec720b4708c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/1tap-cleaner-logo.png>; rel="canonical"
content-length
2628
expires
Sat, 01 Apr 2023 06:36:27 GMT
rosetta-stone-learn-languages-logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/10/rosetta-stone-learn-languages-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8f163fdb0d575831a79f5c34111a9d3a1a71d564e643fd08ef4495791743d13e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:09:12 GMT
server
nginx
etag
"18f45a67acf0ded7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/10/rosetta-stone-learn-languages-logo.png>; rel="canonical"
content-length
3694
expires
Fri, 31 Mar 2023 01:09:12 GMT
Photo-Grid-Photo-Editor-Video-Collage-Maker.png
i1.wp.com/filecr.com/wp-content/uploads/2020/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2020/12/Photo-Grid-Photo-Editor-Video-Collage-Maker.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3d7c4dbc2c2348f475e685fb7f298dbc2f969d7d9433ece7b42d828f3bfdcf4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 14:58:44 GMT
server
nginx
etag
"d281ad60c2c58c97"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/12/Photo-Grid-Photo-Editor-Video-Collage-Maker.png>; rel="canonical"
content-length
4238
expires
Fri, 31 Mar 2023 02:58:44 GMT
appmgr-logo.png
i3.wp.com/filecr.com/wp-content/uploads/2020/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2020/04/appmgr-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
6cc38fed4254a74bd74c738a6dd959a672b9f67e43b651bf871495a47689cb25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 14:16:29 GMT
server
nginx
etag
"4cadd0bd40c8018a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/04/appmgr-logo.png>; rel="canonical"
content-length
2570
expires
Sat, 01 Apr 2023 02:16:29 GMT
video-show-logo.png
i0.wp.com/filecr.com/wp-content/uploads/2020/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/filecr.com/wp-content/uploads/2020/09/video-show-logo.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8756cacc6f527aa5544e5be7947428723a36be71624a337315c4e4a761edcae0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:04:37 GMT
server
nginx
etag
"29d362c4c01b5c59"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2020/09/video-show-logo.png>; rel="canonical"
content-length
3188
expires
Fri, 31 Mar 2023 01:04:37 GMT
Wondershare-Filmora-macOS.png
i1.wp.com/filecr.com/wp-content/uploads/2019/11/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/uploads/2019/11/Wondershare-Filmora-macOS.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
60a021aa4820ca71fb46e8982955c578f4d6c87cfad49471f31f0fccce14c8e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:20:46 GMT
server
nginx
etag
"17cc51f5aebc21d4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2019/11/Wondershare-Filmora-macOS.png>; rel="canonical"
content-length
1044
expires
Fri, 31 Mar 2023 01:20:46 GMT
icon_DxO-PhotoLab_free-download.png
i2.wp.com/filecr.com/wp-content/uploads/2018/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/filecr.com/wp-content/uploads/2018/12/icon_DxO-PhotoLab_free-download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
acd669956964821a13f74ee0786b8d93b4a6a7c4507e5926dd9d741b239fb9a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:42:15 GMT
server
nginx
etag
"c91b3bcdac8cc37c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/12/icon_DxO-PhotoLab_free-download.png>; rel="canonical"
content-length
1382
expires
Fri, 31 Mar 2023 01:42:15 GMT
Icon_4K-Stogram_download.png
i3.wp.com/filecr.com/wp-content/uploads/2018/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.wp.com/filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 16:25:23 GMT
server
nginx
etag
"7062f5e5d4dae892"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/uploads/2018/11/Icon_4K-Stogram_download.png>; rel="canonical"
content-length
3176
expires
Sat, 01 Apr 2023 04:25:23 GMT
extension-feature-image.png
i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 11:51:17 GMT
server
nginx
etag
"d80f3bfe22caf697"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://filecr.com/wp-content/themes/filecr/assets/images/extension-feature-image.png>; rel="canonical"
content-length
10528
expires
Wed, 24 May 2023 23:51:17 GMT
script.js
filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.10.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7136
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 07 Jul 2021 11:56:39 GMT
server
cloudflare
etag
W/"60e59677-b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug00f558LsqkvMUssD46KCQoL9gA5I%2Bq4PIuHxmUB80seU%2B8oMDWLFuVyvCbrLxQr29xcioXx2X3ibE0hDyAMW6ckG5ZhujkWpG%2F%2Bs8LmSc07i%2Bo4dFHZhn%2BwudKV0zkDGDw3%2Buu3HgX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2962
cf-ray
6c4fca5fb9785c14-FRA
cf-bgj
minify
ads.js
filecr.com/wp-content/plugins/deblocker/js/ 		126 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/deblocker/js/ads.js?ver=3.1.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1368
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 21 Mar 2021 11:33:20 GMT
server
cloudflare
etag
W/"33f-5be0a50e9c000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZD9IoHJfpCdf2dWGa6Dl53AGmQJmvNfmr6chEN9wY4%2F0OiquBn1LLmf7gAgn5DPnvQS%2BZS1nDvKuRhve1pSSsK9f8EYZh7jh%2F7bE09r7N5R%2FfT6k2%2BdjBU6xaCQSGAQl4zDwfQypoGn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=31536000
cf-polished
origSize=831
cf-ray
6c4fca5fc9835c14-FRA
cf-bgj
minify
advanced-ads-pro.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.15.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
744
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 04 Dec 2021 13:06:34 GMT
server
cloudflare
etag
W/"61ab67da-1620"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWaL%2F8PyO%2FZnuc1nOelHlkG1njPu679igE3TUICIEMzLRBIkJZqgIXZ4UcujU43lgHEpKkHRmtCHDuP8mKqReN%2BztQk%2FL%2FSKL1sdLqNdeg%2B8PYLMaFkyq9k8euwryW0zi4IWQXtbewNn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca5ff9b85c14-FRA
script.js
filecr.com/wp-content/themes/filecr/assets/js/ 		272 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/script.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
911
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-4d0f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgmSMKuMJkL7ocpWuVTt3oBp%2B63oI%2BwABjTTtxehhZeHqycz9sFeXxtCUfzwizLNxh9h5V%2FzA5t6oXvDQWkZInZsHVbLeOEaFRYWwGX3wp3JwTz7LTO1ZPs90h0BAt8K%2F5Ba%2FfKtVQC9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=315638
cf-ray
6c4fca6009bd5c14-FRA
cf-bgj
minify
ratings.js
filecr.com/wp-content/themes/filecr/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ratings.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
911
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-f89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12EwzqY%2FhevJikJbLE%2FrQHVjtvf6dVTorywY501wfec2d27jw7PpTq%2FHGFHOTY6MWbn9hVz0FyN62XYAbl%2F4GQCCvrtwVgUhV3zzPTKk1FAuTITNQsTtm%2BMps8Vz8aujt%2B7TZDqzYaEK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=3977
cf-ray
6c4fca6009bf5c14-FRA
cf-bgj
minify
confirm.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/confirm.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1045
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-842"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ2PsBG%2BjPFns6AJfCbB6%2Bx36fz48Udm7jr%2BkKUyMEFVI3KLhWxFS3aYoEE%2FWzoW%2F6FFB4g9DmyHWdOQ%2Bz70jASfGZyR5Nt3qygK%2FZSES4lVAaQy1%2B9rj7j3oJzGh%2FUX4ST8DT7hfaSn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2114
cf-ray
6c4fca6009c15c14-FRA
cf-bgj
minify
ext-notification.js
filecr.com/wp-content/themes/filecr/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext-notification.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1045
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-88e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fie05YmazVsoflFfrMgKZ%2FnljMrciLk9pGn70RgejsKAlc4WQb%2FZ5xQ8%2F37uFr4umpI4bHlT4qM2SyMhyNizTrR8X4v8TzQHIy7EctR8JpO%2Be%2BRUjeOaXPzi8GD44qrde29cilwyNxZk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=2190
cf-ray
6c4fca6009c25c14-FRA
cf-bgj
minify
custom-front.js
filecr.com/wp-content/themes/filecr/assets/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/custom-front.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
744
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-47ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCMWRdBA6wodo%2Biku9cmUlaTAlKI7YU8WKhy1nnTt589RKj5N5VQzHtz2UY01qfNvN3gOZ%2BLMsZNrSORipWbLN5iSnxAwIierVGMl8YdIo3ShEBQgUWElZ5AeboaarQ9x2iH%2B%2FjWutF%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=18431
cf-ray
6c4fca6009c35c14-FRA
cf-bgj
minify
ext.js
filecr.com/wp-content/themes/filecr/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
744
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:04:29 GMT
server
cloudflare
etag
W/"6148e94d-36a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VM%2BBxdC1VK6p9mbDv0YbAiTeG%2BtRJ4B%2BJa5Ah6QeqFoRIUd1iXvEcUsb4727bkqorXVFp%2Fuc8em8BI5rpd%2FjdwK4mAJ%2FywgKG2HBo284adQzBZhpu5DxfMWqT4NtvHtfJ%2FZS5lcDZSJE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-polished
origSize=13986
cf-ray
6c4fca6009c55c14-FRA
cf-bgj
minify
base.min.js
filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.15.0
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c03a0c272ac4982cee8a10ba55930a4abf2612c8795f39810c8a22364de7c8cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7136
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 04 Dec 2021 13:06:34 GMT
server
cloudflare
etag
W/"61ab67da-11df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0i9Hq1TmNUAfGq93W5NEY19axRVrix4ddntrwzMFWW%2BpsTg5ASLNOwuWI%2BaT9dFN6XBTcwFCQXnEOxMVezzfLB9FgXOmM7Og4187eaGN083y9EJ65unxUk%2BCmmx5S0uqUjDZh%2FaRDdW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca6009c65c14-FRA
wp-embed.min.js
filecr.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1255
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
cloudflare
etag
W/"5ff5d754-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3PTbgLejug8n97v27pSYIWcQ04XPOsFfAwI6BYswemwfxoOSpdCdEjgT0ODsUZitn1Y%2Fz7yHWoRR3in%2FNqpqPpG4O1LLDs7NOZZ3ykNBhxVXVNiv4KcYi7dIg%2Bup51LGsCsBYFThUct"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca6009c85c14-FRA
wp-emoji-release.min.js
filecr.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/en/?id=94640144256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
911
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 27 Jul 2021 13:25:43 GMT
server
cloudflare
etag
W/"61000957-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwT1yg%2Fh%2BG8P9CEsgSnwgrdGfdYpYHr%2BwKMioXqzSWmqPkbMvIg3iSI1atcsMmukpEMC0KksHR6%2Fng%2BHPDGpSpjr71EuTgKzN3kyCnkFKpRlk%2FaCFxbWqQPwXh7%2BW1p5MQq2Swq%2Fc5g9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6c4fca6009c95c14-FRA
filecr.js
cdn4.buysellads.net/pub/ 		545 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
cc8323b394e8c8422322298c0c2a8564836788c84ceae9150f1410e41bcd5f29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
gzip
last-modified
Tue, 28 Dec 2021 13:58:58 GMT
server
NetDNA-cache/2.2
x-amz-request-id
15ZWBX4Q05CVZT54
etag
W/"e5bee3e563ba036c589741eea30e8479"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
9j0ywi8ZjRXtbB8OZEg8zgO1iJsjtZDzepT1IpPPkI6o2TON/E+LlF8jX4Yx2YbRCc7oCCdALl4=
expires
Sat, 24 Dec 2022 03:02:36 GMT
Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/fonts/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.5.5/css/simple-line-icons.css
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
697661
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30064
timing-allow-origin
*
last-modified
Mon, 10 Aug 2020 15:57:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f316e72-7570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoSrCtRgeZfYtczyXbVwpWDWudkGF2qrVpA7N%2B06YIg8Y%2FkehDz8yLNqqTAwUKkBvo4fK%2BKwU7qdffL8rjJTjOGYOlpRxytWC7G4svvvRn35R7WiFx3GsM7s0lW49ku4n9ZZyUNejuItv3%2Fo3mzHdz%2Bf"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c4fca604a0ed6c1-FRA
expires
Mon, 19 Dec 2022 03:02:36 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
comm
webcrx.io/extension/ Frame 4323 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webcrx.io/extension/comm
Requested by
Host: filecr.com
URL: https://filecr.com/wp-content/themes/filecr/assets/js/ext.js?ver=1.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiDHQ1vPi5RmYO4yi%2FqBorKpkEorCWP4naH4GxDNDq9YsR6qenN8zLGlTlkJyXCePbbzEHejWzdP7d5xrPTb0%2FE6XFWbNUNn6eBG67E4HSU2Li1HX8zzXElAT%2F6hUB99dgVQ9kG%2B26U%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c4fca621a785bfd-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27fe98956f9598d6c35cf91f5c3a4b075fdb7ef04989b2b3fa2de3a4ca794269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51752
x-xss-protection
0
server
cafe
etag
9395010949842431621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Dec 2021 03:02:37 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Dec 2021 03:02:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame BA57 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3553508983172692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Dec 2021 18:37:20 GMT
expires
Tue, 11 Jan 2022 18:37:20 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
30317
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1085 / 620 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Dec 2021 03:02:37 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.9159676216166304
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
9N3DFAQ4BQJEMDQD
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
7iTNUFnDhAO+KS+wvTx7weSXN1LRJnb8udb08LhttzD6scfi2vDlcloi38kFiNWx8rgxU9xEC6c=
expires
Sat, 24 Dec 2022 03:02:37 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.9159676216166304
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
9N31MXNEW09ATFCJ
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
yiGg1cnbrDZSVLZs4uCiPdPQyD5fjKzftLlF6GtKk1snEmU9qjPgP72xUDnyXRk4JXl1bir+Wsg=
expires
Sat, 24 Dec 2022 03:02:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139662474-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
91
date
Wed, 29 Dec 2021 03:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 29 Dec 2021 05:01:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		214 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=filecr.com&callback=_gfp_s_&client=ca-pub-3553508983172692
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
496b171eb6d2f0b2a00351d2c4d159094af7a45c0add41c86adad921b06afc88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tn=DIV&id=site-alert&cls=alert%20fixed&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B77B 		158 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&adk=1812271804&adf=3025194257&lmt=1640746957&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957152&bpp=2&bdt=444&idt=123&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2277599080302&frm=20&pv=2&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=143
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43ff7cbe7e15591cba55f6b29127a9c9a3b1ed48264c165eaaeebd7c36524498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Dec 2021 03:02:37 GMT
server
cafe
content-length
44328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Dec 2021 03:02:37 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame DEDE 		84 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f8d5fcd4681ac486397403560d37ea970005d65e965705c193e1e6dc02d7d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Dec 2021 03:02:37 GMT
server
cafe
content-length
29534
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Dec 2021 03:02:37 GMT
cache-control
private
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Dec 2021 03:02:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		29 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=filecr.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f312a20c6132b5c1b0ea46ee9d034b4ad198ceefbcf46b8e22672d4604182da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45
x-xss-protection
0
expires
Wed, 29 Dec 2021 03:02:37 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=750245554&t=pageview&_s=1&dl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&ul=en-us&de=UTF-8&dt=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=468079571&gjid=2123056987&cid=1477690717.1640746957&tid=UA-139662474-1&_gid=1272224741.1640746957&_r=1&gtm=2ouc10&z=1216387414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E888 		129 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7a919a68bb4a4ef175504f2bd82d909a5f752bb16cb05e2e5ce607243b29b56
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPLTvNyCiPUCFYhI4Aod0EEKIA&gqi=zc_LYYD7FOaN9u8P6aWGsA0&layout=/sadbundle/%24csp%253Der3%24/7905931665516244678/300x600/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPLTvNyCiPUCFYhI4Aod0EEKIA&gqi=zc_LYYD7FOaN9u8P6aWGsA0&layout=/sadbundle/%24csp%253Der3%24/7905931665516244678/300x600/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Dec 2021 03:02:37 GMT
server
cafe
content-length
40334
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Dec 2021 03:02:37 GMT
cache-control
private
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54385
x-xss-protection
0
server
cafe
etag
4993246191385855005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Dec 2021 03:02:37 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 3DFF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Dec 2021 19:07:16 GMT
expires
Tue, 11 Jan 2022 19:07:16 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
28521
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 3DFF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 02:13:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Dec 2021 03:02:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Dec 2021 03:02:37 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3DFF 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 10:59:10 GMT
x-content-type-options
nosniff
age
57807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Dec 2022 10:59:10 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3DFF 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:27:25 GMT
x-content-type-options
nosniff
age
48912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Dec 2022 13:27:25 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 3DFF 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 00:42:03 GMT
localstore.js
script.4dex.io/ 		483 B
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1958396
x-amz-request-id
tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2
tx002dec70dafe483ba85bc-0061adedd1
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjt7io7NhneNHn7RkNQJ9BaAZqH87Wj%2BTuN%2FxcYl27sw0raVDnYEt4nqsi0zUGw0CjhGSIr9PWNdDDc0MfCeXuLYiwC%2BQKMtNPi0wgO97dfELMxby8xL1frJtUbiZdZrTknMeCH6UCcVDKf7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1638788436623244
cf-ray
6c4fca65fb497021-FRA
prebid
mp.4dex.io/ 		99 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afd160f95b6b1a85d3a4ba4af582d3b58e7dca5fc45dfe47478739a86d8e2a5

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6c4fca660e704eb0-FRA
pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
adreq
ads.servenobid.com/ 		597 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7383
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
de81c47e236c866617601f020aa348c429f1472d8b69249935aa21b29448889f

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://filecr.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:37 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fc86ead5-96a5-4190-b427-0a7d439fc584
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280b04cd001d&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
59a9469112bdcd4a7fe4a61a5c96d4dd99e04980c9e87a53b863cd4875ea40aa

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5b511d9e1b80fc5226b95db7163515ac42c366b14d2eb30431d71c040c89f297

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e2272849553d0470730d49d839a706ed151b7dfbd29fb13f37919d4c273f1ee4

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280be73c001e&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a7b48512042ec39fd8291af5a7ce7004091be27f41efb7122f59820e3ff6ba31

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691a0017c7c2769342812c4ac0020&pos=8a969d17017c7c2764ee28140f1d001b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5ec0be71516d6508e7cf7c1bbde09efe67844ccd5356366b23fb2975a42ecea9

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3b28406a6db1220af1f6a30f665513ad88f333659d109f27255cf51984e972d8

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee280c36f30017&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2fd2ade140efbafe72c97a7d770ca2b2b62b183e1cb8a752c2652838da4170d9

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
6140
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ff4160d615f9b36447961bdb3f9d364c564132f25415e95ce8b92f44eccfae54

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
16a1666c3c3932f35a8875de439142ddcc0e994930c51dbf925e8bdbee0b6585

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5c09582809757e983f15242f26de4a6f316c87e19ed98800dfee0071820c9b31

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.31.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-31-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Wed, 29 Dec 2021 03:02:37 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.31.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-31-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://filecr.com
date
Wed, 29 Dec 2021 03:02:37 GMT
access-control-allow-credentials
true
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&CanonicalUrl=https%3A%2F%2Ffilecr.com%2Fen%2F&PublisherDomain=https%3A%2F%2Ffilecr.com
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
fb776e64506f9d686d536116260ced0186d8ea5f4c7f8360bca19bd18c6862ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
358
expires
0
auction
tlx.3lift.com/header/ 		19 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tmax=900
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.28.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-28-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1640746957742&secure=true&version=9&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&measurable=true&bids[0][bidId]=50d8b74e2e79177&bids[0][config][property]=6115725d81c45d000f945f3e&bids[0][config][zone]=FileCR_S2S_Leaderboard_ROS_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=512502d4ee99c29&bids[1][config][property]=6115725d81c45d000f945f3e&bids[1][config][zone]=FileCR_S2S_Sidebar_Right_ROS_Pos1&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[1][sizes][1][width]=300&bids[1][sizes][1][height]=600&bids[1][sizes][2][width]=160&bids[1][sizes][2][height]=600&bids[2][bidId]=52a9a350a82d697&bids[2][config][property]=6115725d81c45d000f945f3e&bids[2][config][zone]=FileCR_S2S_InContent_ROS_Pos1&bids[2][sizes][0][width]=728&bids[2][sizes][0][height]=90&bids[3][bidId]=53e5f172d2a161d&bids[3][config][property]=6115725d81c45d000f945f3e&bids[3][config][zone]=FileCR_S2S_InContent_ROS_Pos2&bids[3][sizes][0][width]=728&bids[3][sizes][0][height]=90&bids[4][bidId]=5420bcb4d9dd616&bids[4][config][property]=6115725d81c45d000f945f3e&bids[4][config][zone]=FileCR_S2S_InContent_ROS_Pos3&bids[4][sizes][0][width]=728&bids[4][sizes][0][height]=90&property=6115725d81c45d000f945f3e&foo
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f4a15f094792a316a0edfea7d51004147efc1e73a71513929fc299629f0ec759

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-powered-by
Express
etag
W/"38-Ny4TxJTQyWD+hksR9OyuRz0mDDg"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://filecr.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=44123590671
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Dec 2021 03:02:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://filecr.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tk_flint=pbjs_lite_v4.43.0&x_source.tid=e213fb6c-629d-4c28-b260-c444251893d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6215057690750294
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d63efc31a49898c1e52807c13879e2183b7611543614806100364fbd59f135d2

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tk_flint=pbjs_lite_v4.43.0&x_source.tid=e5f03cea-61ed-47c1-a9d7-0b53177f6217&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6698112807196266
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c04ce8a839e765f19221355c9e912cca1a1e472d2a9e4f0a1d7a921ec9fdd1ec

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155654&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tk_flint=pbjs_lite_v4.43.0&x_source.tid=dcb346dd-4fd9-40cd-a309-6d66b9ff078a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.537300794355029
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1a3f754cff28acfc0c470089aa5b73be44b89006fb14faff256aa130f53cb2bd

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tk_flint=pbjs_lite_v4.43.0&x_source.tid=9aa4dfa5-200e-4732-a720-b474863c74b5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.754651175703738
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
db285186cc9299e8485e3836d503b40bcb4356ca86dfea93564f8ee18983d297

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=386922&zone_id=2155656&size_id=2&rp_schain=1.0,1!buysellads.com,13694,1,,,&rf=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&tk_flint=pbjs_lite_v4.43.0&x_source.tid=005108d7-c7c9-4738-8e98-36413b26c810&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.49622025699537686
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
57431d2af8e927302881ea9960a8da63a7bfcd9e952b6a0772e744e6a5fba552

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://filecr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://filecr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://filecr.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
css
fonts.googleapis.com/ Frame DEDE 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 02:00:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Dec 2021 03:02:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Dec 2021 03:02:37 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DEDE 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:03:13 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame DEDE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:34:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DEDE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 03:01:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEDE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Dec 2021 03:02:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DEDE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4928
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 01:40:29 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame DEDE 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 14:00:58 GMT
de974e0de653beaf8b7a147538108e14.js
www.gstatic.com/mysidia/ Frame 69C7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 23 Mar 2022 12:06:29 GMT
4c162666b480f9d25b4d1657ab76b19c.js
www.gstatic.com/mysidia/ Frame 69C7 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
422322a5b664a67b41d5548903029f24d41665edf71afa39bc31dc5b03c668c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 15:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4817
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 26 Mar 2022 15:16:01 GMT
css
fonts.googleapis.com/ Frame 69C7 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 02:59:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Dec 2021 03:02:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Dec 2021 03:02:37 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 69C7 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:03:13 GMT
e485ffd488b44fd3558b39d314f67b09.js
www.gstatic.com/mysidia/ Frame 69C7 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e485ffd488b44fd3558b39d314f67b09.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd2002cdf21b9a1c068b3b6f24ece6d21d00ecdf3b14de9b37372425e8045e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 15:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2354
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 26 Mar 2022 15:16:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 69C7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:34:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 69C7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 03:01:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69C7 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Dec 2021 03:02:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 69C7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4928
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 01:40:29 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 69C7 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Mar 2022 14:00:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DEDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEamyzc_LYZGRFOfMx_AP3fq-uAPK3JLvZoCN7ajwDZiw-vqNDhABINXClHVglYqzgsAHoAGJoP7mAsgBCagDAcgDywSqBPABT9Bqa1aTnUZsqKX1FVbL-MMYFuJkFQdYbWnMmTbFUUXNJHnOT5k3pyU72PteSUxdauZfakdzEq90pZKMJyTvXdbD_TwQC6oCRk1S0D5w2geyWdtXsUwIF8QRxwrDNGlRmszB0Z1Pl5BYS7MuCaQlmhlCJ1ftqT_kuhwVfuJH2VUXwFO-glCGdtTvgTn0u9x9820pTGomrysFdP3dsBMZn8vdhokk07l2xdIzsqmwe4xfLFwmHiX0wZW1i5WmLIh3dEYldtZngr9eSJ75pS41hZYWVvMByygdQYSBky-ohW4e75cA9N2gNV6mj27-9IRuwASs2_G6wgOSBQQIBBgBkgUECAUYBKAGLoAHtP2GmQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCh7HrSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMC0BUBgBcBshccChoIABIUcHViLTM1NTM1MDg5ODMxNzI2OTIYAA&sigh=Skc2i-NWyX4&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Dec 2021 03:02:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 29 Dec 2021 03:02:37 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2823260151897433514/ Frame DEDE 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2823260151897433514/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c35a783283c24174cbcb703221dcd86b5b88162ebd297f45e5333f2d93bbfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:12:23 GMT
x-content-type-options
nosniff
age
532214
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30040
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 08:50:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 23:12:23 GMT
truncated
/ Frame DEDE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b121affca12c60f2656a8f62a191dcac68eb7aa3edd4f9b50d1cde2af7e7aefb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1958346
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txdbe92cd08dd64ca78ba60-0061adedf8
x-amz-id-2
txdbe92cd08dd64ca78ba60-0061adedf8
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwhkt%2FD%2FPeJo087%2BiyiVtkP4Oo2Mwh0sP%2B4gt3eJc4ag1mckJrpDNaHMQRRwSnMNiuEO5tgyCWyaWSrnvrZo4dFPTfhxczmsxcYo0GtxLTjmYIaCdTZIAhhfhtHR7CF0qn0ioDW22jnLkbep"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6c4fca666e5b701b-FRA
access-control-allow-headers
Authorization
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69C7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCiMIASofaW1hZ2Utd2l0aC1jdGEtb24tbGFyZ2VyLXNjcmVlbgoKCAIqBnNlcnZlcgooCAQqJGxvYWRfaW1hZ2VfcGwsbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNECshAAAAAAAAFEAwBAoNEAMhAAAAcGZmSUAwBBIaQ09Ta3U5eUNpUFVDRmRVVzRBb2RjQ1VPS2ciKmltYWdlL2ltYWdlX3ZpZ25ldHRlX3RyYW5zbHVjZW50X3YyX21lcmdlZCgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69C7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCiMIASofaW1hZ2Utd2l0aC1jdGEtb24tbGFyZ2VyLXNjcmVlbgoKCAIqBnNlcnZlcgooCAQqJGxvYWRfaW1hZ2VfcGwsbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQSGkNPU2t1OXlDaVBVQ0ZkVVc0QW9kY0NVT0tnIippbWFnZS9pbWFnZV92aWduZXR0ZV90cmFuc2x1Y2VudF92Ml9tZXJnZWQoIw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DEDE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
208a74702f09b74f87678094c9cf767ba99c4f9fb31162b8edb0970ceee57f28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DEDE 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 10:56:24 GMT
x-content-type-options
nosniff
age
57973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DEDE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
24908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 20:07:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69C7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCiMIASofaW1hZ2Utd2l0aC1jdGEtb24tbGFyZ2VyLXNjcmVlbgoKCAIqBnNlcnZlcgooCAQqJGxvYWRfaW1hZ2VfcGwsbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNECshAAAAAAAAIEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAEBP0UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAaGamX0AwBBIaQ09Ta3U5eUNpUFVDRmRVVzRBb2RjQ1VPS2ciKmltYWdlL2ltYWdlX3ZpZ25ldHRlX3RyYW5zbHVjZW50X3YyX21lcmdlZCgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 69C7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCiMIASofaW1hZ2Utd2l0aC1jdGEtb24tbGFyZ2VyLXNjcmVlbgoKCAIqBnNlcnZlcgooCAQqJGxvYWRfaW1hZ2VfcGwsbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEBQhAAAAAAAk0kAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAAABAYUAwBBIaQ09Ta3U5eUNpUFVDRmRVVzRBb2RjQ1VPS2ciKmltYWdlL2ltYWdlX3ZpZ25ldHRlX3RyYW5zbHVjZW50X3YyX21lcmdlZCgj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/4c162666b480f9d25b4d1657ab76b19c.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 2340 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 07:39:15 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 605A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=280&slotname=6956700837&adk=1623974057&adf=66275089&pi=t.ma~as.6956700837&w=1158&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=1158x280&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957154&bpp=2&bdt=445&idt=145&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=221&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k8gJ242GoB&p=https%3A//filecr.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 07:39:15 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		119 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd805f81a7a8619b5d73bd2dfd2947f185c08bfda8ab58bfe093bcf4fd403849
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Wed, 22 Dec 2021 05:47:49 GMT
expires
Thu, 22 Dec 2022 05:47:49 GMT
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
30682
age
594889
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B26766164.319517987;dc_pre=CNfd6tyCiPUCFc7GuwgdPN0CiQ;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/ Frame 4FCD
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=...
  • https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_pre=CNfd6tyCiPUCFc7GuwgdPN0CiQ;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_chi...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_pre=CNfd6tyCiPUCFc7GuwgdPN0CiQ;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N297201.3159GOOGLE/B26766164.319517987;dc_pre=CNfd6tyCiPUCFc7GuwgdPN0CiQ;dc_trk_aid=512275546;dc_trk_cid=161005276;ord=376318974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4FCD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWuVSzc_LYbK5FYiRgQfQg6mAArXK4exmruSUqNkO5eqrr94BEAEg1cKUdWCVirOCwAegAfLZ-IMDyAEJqQIqmNUYdvmyPqgDAcgDSKoE8gFP0GDyB3RKnFwQWkZR0sY5IuuJCQKp8SVE4AVx0--6aAWQxp0uwSLO-BI0rhTlP5SRL_JgTq7_ayBNFTCJfQ-nPGY7Gr4VGQZAvGXWAqnrq2ka7oCvUCj8mYRu3TqkmEDv8P5klF0o0AtKtGx6fEYW3VueNEv7tZf6vCaOVNuLxjxP5fR2Pg4mDoTq7KbGo_gOAze6PDzdVNUaebNyG-dQjxjTqUXb2isEQR1XD5O0vId_BaJ_t52iB0ZznmHMIX0jHL2aksakFWc-0HhXm83F6j0nKU5z60GeakLTMIX9ZEcr7mFDS5cW_XBaMykti_Zt38AEut-l5O0DkgUECAQYAZIFBAgFGASgBi6AB_alh3yoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQkOI00ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM1NTM1MDg5ODMxNzI2OTIYAA&sigh=rzIFAJaVlmI&uach_m=[UACH]&template_id=531
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Dec 2021 03:02:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 4FCD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:34:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4FCD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 03:01:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4FCD 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Dec 2021 03:02:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4FCD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 01:40:29 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EDE1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Dec 2021 03:02:24 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 88D8 		6 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Overpass:700,600|Open+Sans:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb9bbca62474487d6bfcfd88a8da5d165633d0ccdeb4ae5ecbc9ae963575877b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 03:02:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Dec 2021 03:02:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Dec 2021 03:02:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 88D8 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Dec 2021 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 88D8 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Dec 2021 16:13:39 GMT
truncated
/ Frame 4FCD 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d12ab45eb8649df73cf0d922a29846477bcf22be6ba259ae5443c86b52a9211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
visual.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		2 KB
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/visual.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fc00d8824032a8e3e17e51a2e38afd6ab6d5aac1e796ed36ccc6a728440cb9c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
13445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
971
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Tue, 28 Dec 2021 23:18:33 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 23:18:33 GMT
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v7/ Frame 88D8 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/overpass/v7/qFdH35WCmI96Ajtm81GlU9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:700,600|Open+Sans:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:21:37 GMT
x-content-type-options
nosniff
age
542461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38496
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:13:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:21:37 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EDE1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 29 Dec 2021 03:02:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Dec 2021 03:02:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 29 Dec 2021 03:02:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=filecr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=filecr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		167 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3053768650826345&correlator=156866077714596&output=ldjh&impl=fifs&eid=44752541%2C31062930&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211229&iu_parts=8691100%2CFileCR_S2S_Leaderboard_ROS_ATF%2CFileCR_S2S_Sidebar_Right_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos1%2CFileCR_S2S_InContent_ROS_Pos2%2CFileCR_S2S_InContent_ROS_Pos3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C160x600%2C728x90%2C728x90%2C728x90&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508894724-7_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1627508935810-9_123456%26optimize_inview%3Dfalse%26hb_size_onemobile%3D160x600%26hb_pb_onemobile%3D0.24%26hb_adid_onemobile%3D73cd7418e699b89%26hb_bidder_onemobile%3Donemobile%26hb_size%3D160x600%26hb_pb%3D0.24%26hb_creative%3D409_26915%26hb_adid%3D73cd7418e699b89%26hb_bidder%3Donemobile%26_bd%3Dbid%26_pl%3D0.24%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629214863639-0_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215045012-3_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1629215230348-3_123456%26optimize_inview%3Dfalse&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Dfilecr&cookie=ID%3Dee53b8d6452621f4-222b3f9c11cd0035%3AT%3D1640746957%3ART%3D1640746957%3AS%3DALNI_MbrEFqB41eu84EOTLXGM3S9UQ-E9A&bc=31&abxe=1&lmt=1640746958&dt=1640746958154&dlt=1640746956708&idt=681&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1073%2C200%2C200%2C200&adys=3100%2C453%2C522%2C1540%2C2558&adks=1202396793%2C1436553605%2C1058625133%2C1413693914%2C3977682169&ucis=1%7C2%7C3%7C4%7C5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&msz=728x0%7C296x0%7C811x0%7C811x0%7C811x0&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=true&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&btvi=1%7C0%7C0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ba4c36326ae38fc378e6fbc3321fcd4729d0fe8b7c58840615c035d429d288de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30863
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://filecr.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6B4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Dec 2021 03:02:38 GMT
expires
Thu, 29 Dec 2022 03:02:38 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 88D8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 07:39:15 GMT
architekt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/architekt.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829c4d5174ddbea97221dafff61a7a208a132f0ecdc7196f1b7011427b34e59f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8566
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Tue, 28 Dec 2021 23:06:51 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 23:06:51 GMT
Persona_Architect_female_500px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/Persona_Architect_female_500px.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
867929a5db83737a5849a31f013a188b9522e6a0b8455bf9ff4f4c2d9aae624b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
532223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49343
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Wed, 22 Dec 2021 23:12:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 23:12:15 GMT
backdrop.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/backdrop.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9083eeab46df9f2cfe1548a485742acce97708d8ff901728e692ed9ba6c8e9a9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
532223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1033
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Wed, 22 Dec 2021 23:12:15 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 23:12:15 GMT
visual.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		2 KB
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/visual.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fc00d8824032a8e3e17e51a2e38afd6ab6d5aac1e796ed36ccc6a728440cb9c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
13445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
971
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Tue, 28 Dec 2021 23:18:33 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 23:18:33 GMT
logo-white.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/logo-white.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9c7ced652c966659825962b2c0f79ccbb36d535bb4a61c2ea175eb105690878
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
575913
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Wed, 22 Dec 2021 11:04:05 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 11:04:05 GMT
truncated
/ Frame 88D8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
architekt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/ Frame 88D8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7905931665516244678/300x600/architekt.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3553508983172692&output=html&h=600&slotname=7034607982&adk=3517184107&adf=654094910&pi=t.ma~as.7034607982&w=296&fwrn=4&fwrnh=100&lmt=1640746957&rafmt=1&psa=0&format=296x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640746957156&bpp=1&bdt=448&idt=173&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1158x280&nras=1&correlator=2277599080302&frm=20&pv=1&ga_vid=1477690717.1640746957&ga_sid=1640746957&ga_hid=750245554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062930&oid=2&pvsid=3053768650826345&pem=822&tmod=523&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=alJsvzJHCp&p=https%3A//filecr.com&dtd=177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829c4d5174ddbea97221dafff61a7a208a132f0ecdc7196f1b7011427b34e59f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8566
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 12:40:55 GMT
server
sffe
date
Tue, 28 Dec 2021 23:06:51 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 23:06:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
242f551a90edac6a77c2f145b5a05b88d7f321a78873f3b3d19d7c8270041657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8584
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3553508983172692&plah=filecr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Wed, 29 Dec 2021 03:02:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FC1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Tue, 28 Dec 2021 23:53:53 GMT
expires
Wed, 28 Dec 2022 23:53:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1C7F 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8db4471eb486bf6ce704a780699beaf321edbc03e9a711a4d12b0089a3f2092
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NOY8d5709BzFPwS7oiJVGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 29 Dec 2021 03:02:38 GMT
date
Wed, 29 Dec 2021 03:02:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-NOY8d5709BzFPwS7oiJVGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 7FC1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 07:39:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3053768650826345&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3053768650826345&bg=!X1ylXBjNAAZKWFskSlg7ACkAdvg8WuKWLau_Kn-5exQ-8Raxj155WFsTv5wBiOxj7AWva3ykn1-sHQIAAABZUgAAAAtoAQeZArgFJeQ36ahiJDX75p0yWZpVZq2bhAxA-AqYydSACDxDYeGr1TnjlH2sUiXynRN5OAzR4wU5A985xAaspceG2B5jfH6oH6S8xet0C3lfChsRcPX37yKFImEJDkrq2TfOawlnUl5UTxaBLAzeUkUn_KEdVMnnyzaEn-Nsbl9MP-LZFXshzib6_fsK38kylPOqdNYO1mTUb85RUgx_lR2_Qko5pRlSfAJDMCkM2-aegeNdwhkLbC6iDZijHyadIgyFlPrjK8ZwF4K7RbLGEFkO7oyF1_sS4uCLqNcD5krxycXoF9cz1PLCSmvyzVZ-iLX4rxqS_NH47Q9-VZCQsfXvcZ5XjD6D-UJXbLrZjKkty_FQhHFYPsZ_ItSJbnP4gOv3CV9JBDtm-EJ1fzskEpD8an05N68i2Vfo8l9ElRModmuyKTg6QTVEgsDywYXv8mcCmJDblFCvesIN3N9tEEmojfbFCvrQOpXtKFHhzq1yZjDz4HcLL7WGs3XFIjQqcl2iLn0NrEuNggyTTZRBM2ZVI8bWYi6bNxdRJyBeqZvym32px-WJIR7hSgHuK_xIRv3VqlDtmRbfIYGUTWizxjnzKb-l21b_Ug10NdTl7rjvY62hKjt5X41yI9tggURFuT616XnmGsWDcuiB1knVK4LMr2qrhCxQHKlWRCpLGNgoJQg1Gy5YjeS-4ARyyvT4Iw9wxmvX7nrJB_JHyciCtVKaJ8ebRXIbJYEYskA99U9dyEF-jfCUPm212OcHgYFQyxLp1zpssYXgMYAAkTrDsiMYtB1-IWjswoN4WFY39Dzv0YF5qPJcYELA1VhGbXFoGqQLwkR781D8DRr1_1ehcAHOuvdZVyrA2zx02MBOONtCBKpELmYkaQUcIfDc-Nry7xXF7HwOE3ugHgFL5Xl0OKLTsMKVCI_Pfu-a0fM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame AC12 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AC12 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AC12 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AC12 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AC12 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
css
fonts.googleapis.com/ Frame AC12 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 01:47:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Dec 2021 03:02:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Dec 2021 03:02:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
24442
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 29 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC12 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
76744
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 29 Dec 2021 05:43:34 GMT
l
www.google.com/ads/measurement/ Frame AC12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_gx22hEsbIhbxoMQiS38ObWM9z4hzH_p3GoXvwM3ai6j4XhJszkcWGklj3ILYEigeGasNpI96Hm8hFfkDxrt29XoxTg
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame AC12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyRAizs_LYfLDDY2V7_UP7v-CuAGyoIq6Z5PryOLoDr_hHhABIPzf6BlglYKAgJQHoAH-y4KfA8gBCakCKpjVGHb5sj7gAgCoAwHIAwqqBIsCT9AEh_IFh7b3teiC-Xr2_MUDldlq2rRyP0bdmSnAwNT9OK-lvl674_5wStcek6FiivY1_oQk7YZXt-jbWpxoBvSPoTI4VV4hj8lc-1BRcpQnxncBGqf1xUoAvK7q-W1mt-O3qs2awxPkxC6Zd_y1uPHLVyCksbOZyZ4QGpX7lSAx9gJeWCW4KyTasXedGFJK8t40QhrayhHaV7ElZFd7H9KtYxKlnNmPWB3agYQYyjUMd2c3ancOtRMtX1dNkOKsWzMVS5Sj43Jo2JtwZ1M5NKjl_9Eryg4v8AYeAGNKctsnoyyDqzPY0dqGMlFlXKb5in6_ZFivdrb4-bAwgWE9vFOo_EYi_R_QsBKUwATe44j93APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH6rP9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEInPCNIICQiA4YAQEAEYHYAKA8gLAbgTiCfYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=2x40Antk4vs&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame A9CE 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A9CE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A9CE 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A9CE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A9CE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9CE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
24442
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 29 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9CE 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
76744
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 29 Dec 2021 05:43:34 GMT
truncated
/ Frame A9CE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c73c5d7e25b6d4bf59b4b87c7cf14d33f0706d36117f231a508bbea85d807b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 7C2B 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7C2B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7C2B 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7C2B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7C2B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
43566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C2B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
24442
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 29 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C2B 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
76744
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 29 Dec 2021 05:43:34 GMT
truncated
/ Frame 7C2B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40d3ce2a2f381bf2dc39ec4aacf04987e8e56abfbde41b59d95c7179e100682e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
container.html
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE07 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Dec 2021 03:02:38 GMT
expires
Thu, 29 Dec 2022 03:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 514F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Dec 2021 03:02:38 GMT
expires
Thu, 29 Dec 2022 03:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
17330724057521692362
tpc.googlesyndication.com/simgad/ Frame A9CE 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17330724057521692362?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnQanpIfowkZt3xsGuRrJA3aZzclw
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1a571cc5fc9fe2069da0071a92a9a5516eadb17861a0ae3703ccb57517acfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 00:13:52 GMT
x-content-type-options
nosniff
age
528526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64317
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:25:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Dec 2022 00:13:52 GMT
l
www.google.com/ads/measurement/ Frame A9CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsEzWay7-ALL-gko4nO0ymCVwwDBSOMO0RkSfACET7EPpjfRYzarszAUdxxMHkQE9M0H92vg43pROd1bBMr2IkPw3LWw
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame A9CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIRsrzs_LYfPDDY2V7_UP7v-CuAHd-pK7Z8Ph_sX-DsCNtwEQASD83-gZYJWCgICUB6ABgpj13wPIAQKpAtBunrTtiLY-4AIAqAMByAMIqgSCAk_QJXD7H_yJh_BJkp4dm3SBg7uwE8vpD5Oh918B3LtkdAUvqRMkrcrTBlOTr6jjVgCSZz6jvFwF99HVE4m_pdZyF3Q52Zjfv9roBRKtyj-SiFit2JTDNSPlb_2fR-g2p5OKCe5zMF8PTLTjTiW-EGZvG9sGh80jpx2nUge8RdWZ-h_9YTWXjmvc63YltR90gGd3V3YCK0wpt5N1oKPiWuXb_-yKnysVZ7GENXhHZ3yguCzG-bniT-6O9JsHP_8obTNztoM1br34RM7ARxi5H9R1zTfm-lxwHTCjBEphmLHNBQwhmM4pyF3lfsOL8d5FJxnc8BO-XLXi6DXb2gbnnJtnF8AElfbnztED4AQBkgUECAQYAZIFBAgFGASgBgKAB-bniiCoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDikyDSCAkIgOGAEBABGB2ACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItMjA0OTk0ODE4MDA3OTI2NBickw8&sigh=CLCl0zeAx4w&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
11223012576750741523
tpc.googlesyndication.com/simgad/ Frame 7C2B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11223012576750741523?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qml8hjoUl4cVQyTOsAgtIuZWXD7TQ
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e419d951c819c052caee51f95ea700755fd436c974aafdef2097c8ba48b5753c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 16:24:06 GMT
x-content-type-options
nosniff
age
297512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32741
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:25:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Dec 2022 16:24:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7C2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNJn4zs_LYfTDDY2V7_UP7v-CuAHd-pK7Z6Pl_sX-DsCNtwEQASD83-gZYJWCgICUB6ABgpj13wPIAQKpAtBunrTtiLY-4AIAqAMByAMIqgSBAk_QETAMonk_F9XqiTLkbIwUltMtTeGfIcL3w7DAnXFHGiwKJUm09I8aiK6OlO5sUQtKURvvQCwi8dAVDKsnS8ImAHHcPM9NyLi8WGXQPIDBE_PaNMQZ-2n-mnvSXiHecDPl8LWocHfUQGPM3OjJ4ME5c5XtRj7i2tbwxxnxzPzx6xPOVnmNdwczZb43JwmEuojkJrJVvhAQbTWRjS8v0zBoeimVxBqAuixclLibcQthbpwb1LVEdnUqfGDUGBAwrJJJR6dCea8g0bC9PFdWDVBHOQUFl535JUTGEF5UdqhZmIwy9pX2Nm0kgFUcreSN8sJeD0aIbo_ZakXjqZelqIFZwASV9ufO0QPgBAGSBQQIBBgBkgUECAUYBKAGAoAH5ueKIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELqwCdIICQiA4YAQEAEYHYAKA8gLAdgTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi0yMDQ5OTQ4MTgwMDc5MjY0GJyTDw&sigh=ocbAPeeWTrg&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Dec 2021 03:02:38 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4137312683515812676/ Frame AC12 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4137312683515812676/downsize_200k_v1?w=600&h=314
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec21054660972f2c675da1813bb366e182e7feb94db3086a5f7e694ed68a9213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 06:31:12 GMT
x-content-type-options
nosniff
age
73886
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22754
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:52:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 06:31:12 GMT
truncated
/ Frame AC12 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AC12 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c5adcaac4bdb1cba54363c8a196177f284017c646c001c07f1cb18d1bb42bee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AC12 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 10:56:24 GMT
x-content-type-options
nosniff
age
57974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AC12 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://filecr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
24909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 20:07:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7FE5 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNXI7KO7UZVCRA-szri8b51xIJvaCFnaPW_OzbXrZhnk-hHk4aSmw9azL4w-2qY5iOdzrz4HABUAnwUUZGUzj6NUj1rfevS92hJxCT3QEe_9bUjNeQc
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Dec 2021 03:02:38 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 514F 		72 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AorqT9n1D25C1RuEKtbpTPBbEDO9aB_aZsXBMgRcgaycd7XQ4YtW-nO4GMEfcwjVQiSLrTyqJw4o3L3Tn7DzyrZm5nJ696eniAmUVcSh879B9pbl_bvo4wjSbddyzSRmSB3hEQ3lheqbXPn95ZOsKeoFus8g&dbm_d=AKAmf-AjYfAG2Acvb0LjYr5vBrA-JAR6AT6a3hGbscqG8JHz5CQ-d3RBYiWKQJVSpDVzdEqPEYwIFpdQ--a87DoFTEm0M2GNo9gSlTVRrQGMxM1Wlr_680SfdNYWpfTzFKrtitPVTTj0xIXSiCBAqeP3rpJ_hZOW82lm6FXtmEE7QgFGqc_viuAU4k94HJXktU7-29QI8Ws9FZdnbZImSq0u5qoY1HSiRF40UlQUJYjrqJgLgR9HQNWN_xFng1oDrq7UXg7-xBH-3fBejDp_ApIuxWqNxSJpKAze_PcE_pyVRGln7OqMQSuqxvG0NKBVhrhEbIzrUW1FvWxFknr7pzXZ89yHNy_k2EhJjgXz4he_kW4nOuJrnJcz5F-QAJo_qi8J5DwzMHzgyhu7gVQKi7SDMKfQpSOKpTbfKtRUpTJip6OLhs08drAujPHVn_yAIcMqTQiY2vs6AjrChdxBG0R7Nlz2RHlvy6oJ6OowUv9dGJCiegeq7774NJTauDqmFF5i1Cm1obqnQb5PDR33VQSisYJ11IWV7v75xbyLrIChMoALrgkOeOwC_fMBsd-XXf9eE0IgMdvRy94u0qbYXT9nIb_EKKr3WXeUZkpmU2Dfg1JU0IU7GxnePmO159cFr6oDmx3jOgNDniQEKY0Qay1it-LwwDXqDeo54dm2frdck-JCX5R21EYqfr_GpxT5INnL451AHHZ82CVh7byX5nqNBz5umFJUaAaKgwFzYPTVgCMVIBWoTZpyBy3IRwe6tdwZISgiSrtQCxKqxX3w2sj05Do2a7bfMO0dHBtTMytSKWL7BPduTFYoTQvxZXuPthVoJ410t9DiwoXrspWlMmckOrhZG7q0FRpVEoMPMi3znqfiMQHIg5u5pRh19qj_sFy5AmTxMsF_AzC9TlYM-CfTF39OCA_LcULFImNuPo5A7QCidZWfcR2lUlCymglxdcI-ffh82rsQ-zvnJI-CqnwQbwh90E51v6Ke-GExtt2HznNZGix6WiCWD_bcHz_ygli-lzaIgR04_W4EU5UiQxwbLsQKdX7__2BrH8tPRauBaAJ-5Sm73ybE2_hNyuSuOPPDQp8brjR0mdEY9ymiySLC8nt6YoM5U4nIvWuji8Sd9LaKgGLePNI2XMAgehwjuWiGPx1uC8H59KvezyO4ahAstGYZ-vDo6RwZGvpHPdB9W-YVHgAE9Av5ntSxoDSfPNjNGlRJM9uNSNVdZjEzeNWteLvwfF65SsgrbDcEaw6wj-3Dm7vDvdVHRYwC5V9BFYC0jy-_jD3UXgVmJKVgmEQZyLjUL7G1rEf2lvs0IiQI6b0t-_3F7f6256lhX1frHL8LNoh9B5W6LuRJqvzW5rPDusflsNOv3uTiXJctZMFhy6u04kCevFKrTr2-P6FyXEZp4YvegVZnGtZ1_-Xnnfqz45YTyXFSi7Uw0-0MfhKr6Ml8QhmWdM2tA9Vl4kflK-fWaIcMfMJJsIyL9gg4MtOzjDyKLXN1yaq2XsaJC9yevmrLD6gy2tlGkGM5hTkBDnb2AdBoJMioA0n_4-2ORxdKcfl3EuZE8BhYsOKBFQrOFIQY_9UtwcXzh4XJI3Yok36yZN0aZTrZAky3IPEM_IJk-PHQ44aNWOAZpLYJG9Fbabawz2CtXlZTUx275wO02mtDKxJnFqFdO1a33tVbsnGXXK7gmXgZGtNj7ckMycy_UZUvH-cbTtcgNC0IBnhESYkGozo-03WOprbl8pI15CTuEjYulWLvK8jk4banJcF9z-K3Y9dC7aE06m72sn_WvvTJX-bvIsSlZdztYUUO_AruxHtiPxhX_x-OH6zf5CQii4sT7yqcd6LqjwSPtrFb58JCZVjotJyoZGT9OLL5ZRrEuAHvA4Og9YsJq_0Tu8azP_GW1QCox2-cixPRHVFl5x9EZ4uVR46qWa5x9fy21jNEYlfzD-Vf0b0iNfyGvbeQ0kAjLWIBTndTh1M7b7GY4VsxV9tuxgGJl35zHvEsgD6fQleSiz4PV7rxrRqDle6YrPbE-gNcXU-N5EDktBXC1LTAXwvWnMG3T1XUBNHL_o5OTlUJUYWW-2VLn6JnHfNIkJ2K8KUIXdIM9BoCZBy-TW-wutlyUEqkhryABKBcSsoAiphzrSj4SZ8sfitrM_s9rfRhQU0yX_KTgvTREQGOAhohGxsYgNbf2D2j1hJrNFY_q8QIeSzBA5Q3Gw84lmX_W6qayW4lK1ETGDFLYTvazD3rSmrPtZfCf_qzb1EQfzV_DZhdRdVZ1LLAB1bhtdoNU2CWDqoyeQajn7OqGQoeRaFSlUu2AA6slmSJG5JSuyQajdx8YhBRUX6J1nR0qPKfeggsXCY3sgcKcMMtVtt6s8QBzpHMI7jdMo5CHmk0Vzv2Qair-g5SL-Uf_h66SkWhG4-YUSirqwT6hXazfPAe6AedrLNGSkdbe0VnIdJXZc1vrHjgu2ltP6f8pY0XT5MSNk-rg2kAbUfgCezliksajz1BaIt8CMZ7KBZbXSVyczDdghhhUk6fsVp2GUDaclPH_4fL2NXpD-iqaIxCuLWhBKucMytCZaRXZh0TOpVgHKITLjdteESA2poYCzrbZSVfj7MbPMMXgcx0jbI1R796sOuQsRe0HGo0wR7Ytfhdwcsdqi2vn2mF__CfsLVAE-MfCStHhdjz6TEbUTZ7SXE50JziWFYgAQ-jW88lWQjyN0mBXRz_Q1bexxvoMkH2KOrkShdVd72F6Q4MFkMVycmD512zX5FkeAcLWyD-NaXtSeO_SLUgjEufX8JXsDs4kEkACLxzgPvAPr-vK7w738WCwvuUDKRzbKB5_UAQ-pEd17unP_hvCMHyTtxZNSxf2MvulfBXsUnJ1lKXujH-E-eGzB6dYBAVkF8k1q6RnJHJsbaOXPY-VHl4IombMnhKlOnfCa8GqdgkWVHHNPTCx5S_FmHyvBClCRvGAwv0tsywvT_T3Yr2bbLuNhfZHoyv393f_-qyN6O4adYFdBlFEyVFSZaVirRyPC0K&cid=CAASEuRouhLMHsEit01IAbSdMkM_6w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7baa8e557147bb60094be17c07ac1ddd6a2e164f525e76f67c548b02739d5a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 514F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfUtOI6rauMh18G9w6GdFqRhUWQ7PV7w9SNVhhmd3O5EjkAkxigeI3Ql4RJvo9YRIj4eMfbRwUY_YCLFMYCNjTMRSWSZwJg510G98_ajXgR9_7C9U
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 514F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 03:01:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 514F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Dec 2021 03:02:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 514F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 01:40:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6245 		491 B
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUwhN4NO_j5lGqLvHM1LONj7krveRoTN7LFs_r1PE0--OInLuN0Pj-m-KdFypWrX9x2v55b4z023YcoavinmA2oLBAvsvuDQtAuRr4MzRpvE3Ai0hY
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c7f834e42777c25fb6b348a3286ec5d676cdaee610543617c4a9714fcf7dd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Dec 2021 03:02:38 GMT
server
cafe
cache-control
private
content-length
308
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FE07 		72 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqjsBlFqkWe89kexWMFUPPxlgQVneEz_x_0UnzxvA2emNl-8MUo_xhAhGgxiA2HBfgfDCSyEKA8NcyRTRr2-j-ogorCNQLyYjc2K_jGDqRTKKc5zlN20Cdj5hhexQWbU8dH7DMi7HVDVFfmXdYSfoqBvfToA&dbm_d=AKAmf-DXEI6FirI3JLHwJqRxupXfQTTPDeRzDPzvMg3sffn-v8Wo5jmQbIsV1RoZ86vS1Z-3b4IYqHTOWHMQxgXiC7cXvF23qNHBZGX1WJeU6Eyhq_oj8kBa-FTba2FyoZk5M0_KZl4JCFTCftKsPvYVBVtP8M63zHiQ7DIa-m9OXodJfTdpsPxdA6AF7_WkslVpRND7RS10JhvNk-D3sLNhKk8ii5lnioVv3mJfLbW8bjb6q1mTgU8vOCqty_anm98saQ5QRyjjwj-BvjTIBLNzV6YZeqWXoogczp7H_Vk92OjsJlkywzWuKAjke8Gl9LpLkanedA9rU1F6US3-BoTb3GfGBlK_DhUBNezJbfvlcXZivBs3ukuuDv4cckYCIuf6KwKz4Qxzo07CMbDZjjdw1yd8VXNTr90eHF9374LI3TISVXKM4JbtRycbY7uWIog3MTVvGTbzT4DJKPbxx62BeZt9rH2_Wdei9OuYIBhF_1xKngktIgL5Uu-hMgKEXhc0HUNIVJccryIuJ5mdbouPG2rbby1mwmZSTL24JlugAX2lq4REtW8STs72ANY-EMwAf2HPBvEk-iOz1oDIHK31CHqh6X-jZoyaKUcrgkCwtWx-c34uUr04en1gEkLfhZh5-XrbiZBmDDTr7gK8FVxB3xjXA35Drl8RG9WJdUPxaQ4c_ZseMFUpk-nn-xPayfpEnIZ_cg22wFSZKFsiIf70HRkPZ3hhGdaZIwE3uqFqcPz21iK-E4DAaHdavOP01ZNwcAXDvqgu7iUmhYPqpB5aD8xq-Hayi9ltpTqdWg9dt7FjmBnIODMBsYvBOUmn565XzU5X3MdGaq2cGthGDwPIm1778BSoAzI0Vds3RO2OeiZ7zkuwGazX4aMkrDxfu-v1XamYQWyzGwdTvFViSF40PS5B5m-izfk-forUJFBv1bV5nPgHQH7QTkBJm1Ev_5z22sxYZDdOvOlqAp4y5DWxaBP8bq_R_-FeT2x1qf5tMKuPwvshBJdThIPx2Au_LvqJ3fVLh96_erZDdBmrJNMm8t8FJiufr5wEDUqKUM3QVKrorSy7xrnQLiux_w7E0bkzSGgHe_Z-G94b5o737-JTdGJhsTqYIoNoV7n8ISmbmqxxxSgaeVPEuU4yYW4NIe-QJ9w5rGmQCd8786jtIi4o8_ugDzWeH810pXVj594auL3EqottMSoOKQccFvDKOS5MbbUhWn3ybWgV7TgtuakmLwLPfJF9SP2_yfYESwaGQqJjSpIxxKPo6_WXRcnEEI1_PXrs5pAsfW8NGkfq2RKST82FCb1-WNV05VSxc8RbGlOrpu1zfSh_gVTqTTQXXkJcP7W9QR1daEKez9XdgFSjuQBdus5pnWvzEip5ngR7um4wPPQ4yHmneP1YAIL2X9JRE8QdREpFJ_-hxn8j1ihOL6HsFU9p4owlewHLcFK3iKP82DQKWSk38HUphuUh_Ja0u3NnhF4QHw5om6izdCeLhD38F-4mRIzRtfDy_91i7x9rJajNLwcgCejvASFOkoW8ANyCX9RDZhKmTUcackIbjBq_dWi77PudHQb7MgGg81qjHwlet0qXsq8l2p9hBvoHgCGWlTFRCpCbl0Rw4Y6auo3xMMMRYeAsbUde5DJ4PgkcjjVJFSOrhv4-V_BPfjvzOmZz5lBfZEp2U9d6MigKJFSXr7P-5HQNcYoHAWYE2OdlPUR9EfASDi4XizCPgpTqrRlSkR7Vh_0L5RsGxdfi4cLX-r-tANMFPTGHI3X-NCEY5ICuROWpBbDCU69jklmit2wHG6nn9S21UnUdCtqwD2Ho504vGokQ0Q-RWI81NGtTUzbB6CO4kr-FCyyMWqBDffZR_ou9fFD9X5WY1RIpNk5S4u9eXKf4AJ54NoGALgt2n2SLrlx-csIZYHieoL1_bpAxeQpgKgI8R13wTESSeA5JZCzAFZH8HObJwk5VtXUcww9kz6x1o0GrOfqz5P8wtwrZ4DOxIIyX3Bm5LxgupfY1NnrSAW_6wdStu-u4QsHElhU2m-JKTsj_eH9Vt8f-IqBGMqxfZNv8O9XNtmipcMMIjgJM5T0uJwZuaZmt9Cu13GH-s5MJ5_dIGBNvCl5GvbE9TNKO91pyyNsUxTpJzcDIAvWX6p8s4pTVt1GDcBWx1wNt7Aez35VowCEir2rZ2f_sDqW7V_J8jiSJe8q9j-LkEKlzfA5xMROn6AkZGuItrFF741-TnF-_yfKgZRUgA3QQPSYUjbuynzTK2wvgZIJptEuXlE8UNkcgK9m6XGZbgsw-DDO5RhQnTvKoUIPTz6fAZPT-jqrqziWDD_dHgpyVrjNvS5Ii8zaDTNhjYM3B5osKyijx_WLE5D4Q3TsNV9vyegKd4q14-7vk76XgII9PO6GRdOSzKBjVuFbt6So1e-EW8GriMw5ciFnhSDhyLxHdXWZN_FCmHGJgKxlG6iP2PtVcsI1cwsqGdWOCEbPtJSC2I3fjJxNzZm4t7-QXbPG3aylntwflH9qQJnlt-bcbpfBYyQOYS4V1RstOPrxFiJ4KFq4uMyugh3H3x3lKwi1vdrZwCDyCoCKw_FRMvh0Gw95SptMsPHReNjcxUpM7uD4oeKf4ZuXfGIbKjUuxA66ZXYF3EVaN-IAptdL4u7Ro-Z_gJIdtISLEVUKaYEovXLptYcxBrfUCh2x-V_eGLoB5seTAEYs5xckG_ozaVXhkgrPofTsJSQIxyc36ZTyT2LESwi2ksm2KR0KUUzDfNgFfxO-iQrOI5P2eInBt83oVBpSv8uEHqDve2lnrlvU-aaBdgXFcNbnu9UUWRzjeabU_vN9lJNIt5O9fh92MzIsB3ZApk70iv0HexYeVR7ebiP9XiObHa7jxiS1bhRkWUI2rL1PxhZWM8xccdr6ev4wWLT4CzPksjzU2xvsSVP49aQKqUkOWxiGTUVW7Va_gjcXLqufXGZ8X5tCweA0lZMjx3Ma3WTnAQ5Ig6Ov-wja0LrcvVJyuEuWLARgS-orUfZ69FZge&cid=CAASEuRoEwPS5UDFJw6dLqaKTfnGVA&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ccfef2dc947d705894faaf1c30358c3d1b2264f149bc3e4ee1475348f9c6ad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE07 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPNqzD7M7lOkF1WJMz4-76gq4QaPZCMOHaHbMwrlQWQ_mKbn-TEKuTdfPZXHJbwgP63mO9AesgDQ9j5CC_66wGJnvaadm_C6duhDREoZuF8jmaRcI
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FE07 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 03:01:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE07 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Dec 2021 03:02:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FE07 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 01:40:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE07 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20211207&sample=0.01
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
24442
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 29 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC12 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
76744
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 29 Dec 2021 05:43:34 GMT
17330724057521692362
tpc.googlesyndication.com/simgad/ Frame A9CE 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17330724057521692362?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnQanpIfowkZt3xsGuRrJA3aZzclw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1a571cc5fc9fe2069da0071a92a9a5516eadb17861a0ae3703ccb57517acfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 00:13:52 GMT
x-content-type-options
nosniff
age
528526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64317
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:25:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Dec 2022 00:13:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9CE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
24442
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 29 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9CE 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
76744
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 29 Dec 2021 05:43:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A9CE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7C2B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
11223012576750741523
tpc.googlesyndication.com/simgad/ Frame 7C2B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11223012576750741523?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qml8hjoUl4cVQyTOsAgtIuZWXD7TQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e419d951c819c052caee51f95ea700755fd436c974aafdef2097c8ba48b5753c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 16:24:06 GMT
x-content-type-options
nosniff
age
297512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32741
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:25:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Dec 2022 16:24:06 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C2B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
24442
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 29 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7C2B 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
76744
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 29 Dec 2021 05:43:34 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 514F 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Origin
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Dec 2021 14:56:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 514F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AorqT9n1D25C1RuEKtbpTPBbEDO9aB_aZsXBMgRcgaycd7XQ4YtW-nO4GMEfcwjVQiSLrTyqJw4o3L3Tn7DzyrZm5nJ696eniAmUVcSh879B9pbl_bvo4wjSbddyzSRmSB3hEQ3lheqbXPn95ZOsKeoFus8g&dbm_d=AKAmf-AjYfAG2Acvb0LjYr5vBrA-JAR6AT6a3hGbscqG8JHz5CQ-d3RBYiWKQJVSpDVzdEqPEYwIFpdQ--a87DoFTEm0M2GNo9gSlTVRrQGMxM1Wlr_680SfdNYWpfTzFKrtitPVTTj0xIXSiCBAqeP3rpJ_hZOW82lm6FXtmEE7QgFGqc_viuAU4k94HJXktU7-29QI8Ws9FZdnbZImSq0u5qoY1HSiRF40UlQUJYjrqJgLgR9HQNWN_xFng1oDrq7UXg7-xBH-3fBejDp_ApIuxWqNxSJpKAze_PcE_pyVRGln7OqMQSuqxvG0NKBVhrhEbIzrUW1FvWxFknr7pzXZ89yHNy_k2EhJjgXz4he_kW4nOuJrnJcz5F-QAJo_qi8J5DwzMHzgyhu7gVQKi7SDMKfQpSOKpTbfKtRUpTJip6OLhs08drAujPHVn_yAIcMqTQiY2vs6AjrChdxBG0R7Nlz2RHlvy6oJ6OowUv9dGJCiegeq7774NJTauDqmFF5i1Cm1obqnQb5PDR33VQSisYJ11IWV7v75xbyLrIChMoALrgkOeOwC_fMBsd-XXf9eE0IgMdvRy94u0qbYXT9nIb_EKKr3WXeUZkpmU2Dfg1JU0IU7GxnePmO159cFr6oDmx3jOgNDniQEKY0Qay1it-LwwDXqDeo54dm2frdck-JCX5R21EYqfr_GpxT5INnL451AHHZ82CVh7byX5nqNBz5umFJUaAaKgwFzYPTVgCMVIBWoTZpyBy3IRwe6tdwZISgiSrtQCxKqxX3w2sj05Do2a7bfMO0dHBtTMytSKWL7BPduTFYoTQvxZXuPthVoJ410t9DiwoXrspWlMmckOrhZG7q0FRpVEoMPMi3znqfiMQHIg5u5pRh19qj_sFy5AmTxMsF_AzC9TlYM-CfTF39OCA_LcULFImNuPo5A7QCidZWfcR2lUlCymglxdcI-ffh82rsQ-zvnJI-CqnwQbwh90E51v6Ke-GExtt2HznNZGix6WiCWD_bcHz_ygli-lzaIgR04_W4EU5UiQxwbLsQKdX7__2BrH8tPRauBaAJ-5Sm73ybE2_hNyuSuOPPDQp8brjR0mdEY9ymiySLC8nt6YoM5U4nIvWuji8Sd9LaKgGLePNI2XMAgehwjuWiGPx1uC8H59KvezyO4ahAstGYZ-vDo6RwZGvpHPdB9W-YVHgAE9Av5ntSxoDSfPNjNGlRJM9uNSNVdZjEzeNWteLvwfF65SsgrbDcEaw6wj-3Dm7vDvdVHRYwC5V9BFYC0jy-_jD3UXgVmJKVgmEQZyLjUL7G1rEf2lvs0IiQI6b0t-_3F7f6256lhX1frHL8LNoh9B5W6LuRJqvzW5rPDusflsNOv3uTiXJctZMFhy6u04kCevFKrTr2-P6FyXEZp4YvegVZnGtZ1_-Xnnfqz45YTyXFSi7Uw0-0MfhKr6Ml8QhmWdM2tA9Vl4kflK-fWaIcMfMJJsIyL9gg4MtOzjDyKLXN1yaq2XsaJC9yevmrLD6gy2tlGkGM5hTkBDnb2AdBoJMioA0n_4-2ORxdKcfl3EuZE8BhYsOKBFQrOFIQY_9UtwcXzh4XJI3Yok36yZN0aZTrZAky3IPEM_IJk-PHQ44aNWOAZpLYJG9Fbabawz2CtXlZTUx275wO02mtDKxJnFqFdO1a33tVbsnGXXK7gmXgZGtNj7ckMycy_UZUvH-cbTtcgNC0IBnhESYkGozo-03WOprbl8pI15CTuEjYulWLvK8jk4banJcF9z-K3Y9dC7aE06m72sn_WvvTJX-bvIsSlZdztYUUO_AruxHtiPxhX_x-OH6zf5CQii4sT7yqcd6LqjwSPtrFb58JCZVjotJyoZGT9OLL5ZRrEuAHvA4Og9YsJq_0Tu8azP_GW1QCox2-cixPRHVFl5x9EZ4uVR46qWa5x9fy21jNEYlfzD-Vf0b0iNfyGvbeQ0kAjLWIBTndTh1M7b7GY4VsxV9tuxgGJl35zHvEsgD6fQleSiz4PV7rxrRqDle6YrPbE-gNcXU-N5EDktBXC1LTAXwvWnMG3T1XUBNHL_o5OTlUJUYWW-2VLn6JnHfNIkJ2K8KUIXdIM9BoCZBy-TW-wutlyUEqkhryABKBcSsoAiphzrSj4SZ8sfitrM_s9rfRhQU0yX_KTgvTREQGOAhohGxsYgNbf2D2j1hJrNFY_q8QIeSzBA5Q3Gw84lmX_W6qayW4lK1ETGDFLYTvazD3rSmrPtZfCf_qzb1EQfzV_DZhdRdVZ1LLAB1bhtdoNU2CWDqoyeQajn7OqGQoeRaFSlUu2AA6slmSJG5JSuyQajdx8YhBRUX6J1nR0qPKfeggsXCY3sgcKcMMtVtt6s8QBzpHMI7jdMo5CHmk0Vzv2Qair-g5SL-Uf_h66SkWhG4-YUSirqwT6hXazfPAe6AedrLNGSkdbe0VnIdJXZc1vrHjgu2ltP6f8pY0XT5MSNk-rg2kAbUfgCezliksajz1BaIt8CMZ7KBZbXSVyczDdghhhUk6fsVp2GUDaclPH_4fL2NXpD-iqaIxCuLWhBKucMytCZaRXZh0TOpVgHKITLjdteESA2poYCzrbZSVfj7MbPMMXgcx0jbI1R796sOuQsRe0HGo0wR7Ytfhdwcsdqi2vn2mF__CfsLVAE-MfCStHhdjz6TEbUTZ7SXE50JziWFYgAQ-jW88lWQjyN0mBXRz_Q1bexxvoMkH2KOrkShdVd72F6Q4MFkMVycmD512zX5FkeAcLWyD-NaXtSeO_SLUgjEufX8JXsDs4kEkACLxzgPvAPr-vK7w738WCwvuUDKRzbKB5_UAQ-pEd17unP_hvCMHyTtxZNSxf2MvulfBXsUnJ1lKXujH-E-eGzB6dYBAVkF8k1q6RnJHJsbaOXPY-VHl4IombMnhKlOnfCa8GqdgkWVHHNPTCx5S_FmHyvBClCRvGAwv0tsywvT_T3Yr2bbLuNhfZHoyv393f_-qyN6O4adYFdBlFEyVFSZaVirRyPC0K&cid=CAASEuRouhLMHsEit01IAbSdMkM_6w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:29:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 514F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AorqT9n1D25C1RuEKtbpTPBbEDO9aB_aZsXBMgRcgaycd7XQ4YtW-nO4GMEfcwjVQiSLrTyqJw4o3L3Tn7DzyrZm5nJ696eniAmUVcSh879B9pbl_bvo4wjSbddyzSRmSB3hEQ3lheqbXPn95ZOsKeoFus8g&dbm_d=AKAmf-AjYfAG2Acvb0LjYr5vBrA-JAR6AT6a3hGbscqG8JHz5CQ-d3RBYiWKQJVSpDVzdEqPEYwIFpdQ--a87DoFTEm0M2GNo9gSlTVRrQGMxM1Wlr_680SfdNYWpfTzFKrtitPVTTj0xIXSiCBAqeP3rpJ_hZOW82lm6FXtmEE7QgFGqc_viuAU4k94HJXktU7-29QI8Ws9FZdnbZImSq0u5qoY1HSiRF40UlQUJYjrqJgLgR9HQNWN_xFng1oDrq7UXg7-xBH-3fBejDp_ApIuxWqNxSJpKAze_PcE_pyVRGln7OqMQSuqxvG0NKBVhrhEbIzrUW1FvWxFknr7pzXZ89yHNy_k2EhJjgXz4he_kW4nOuJrnJcz5F-QAJo_qi8J5DwzMHzgyhu7gVQKi7SDMKfQpSOKpTbfKtRUpTJip6OLhs08drAujPHVn_yAIcMqTQiY2vs6AjrChdxBG0R7Nlz2RHlvy6oJ6OowUv9dGJCiegeq7774NJTauDqmFF5i1Cm1obqnQb5PDR33VQSisYJ11IWV7v75xbyLrIChMoALrgkOeOwC_fMBsd-XXf9eE0IgMdvRy94u0qbYXT9nIb_EKKr3WXeUZkpmU2Dfg1JU0IU7GxnePmO159cFr6oDmx3jOgNDniQEKY0Qay1it-LwwDXqDeo54dm2frdck-JCX5R21EYqfr_GpxT5INnL451AHHZ82CVh7byX5nqNBz5umFJUaAaKgwFzYPTVgCMVIBWoTZpyBy3IRwe6tdwZISgiSrtQCxKqxX3w2sj05Do2a7bfMO0dHBtTMytSKWL7BPduTFYoTQvxZXuPthVoJ410t9DiwoXrspWlMmckOrhZG7q0FRpVEoMPMi3znqfiMQHIg5u5pRh19qj_sFy5AmTxMsF_AzC9TlYM-CfTF39OCA_LcULFImNuPo5A7QCidZWfcR2lUlCymglxdcI-ffh82rsQ-zvnJI-CqnwQbwh90E51v6Ke-GExtt2HznNZGix6WiCWD_bcHz_ygli-lzaIgR04_W4EU5UiQxwbLsQKdX7__2BrH8tPRauBaAJ-5Sm73ybE2_hNyuSuOPPDQp8brjR0mdEY9ymiySLC8nt6YoM5U4nIvWuji8Sd9LaKgGLePNI2XMAgehwjuWiGPx1uC8H59KvezyO4ahAstGYZ-vDo6RwZGvpHPdB9W-YVHgAE9Av5ntSxoDSfPNjNGlRJM9uNSNVdZjEzeNWteLvwfF65SsgrbDcEaw6wj-3Dm7vDvdVHRYwC5V9BFYC0jy-_jD3UXgVmJKVgmEQZyLjUL7G1rEf2lvs0IiQI6b0t-_3F7f6256lhX1frHL8LNoh9B5W6LuRJqvzW5rPDusflsNOv3uTiXJctZMFhy6u04kCevFKrTr2-P6FyXEZp4YvegVZnGtZ1_-Xnnfqz45YTyXFSi7Uw0-0MfhKr6Ml8QhmWdM2tA9Vl4kflK-fWaIcMfMJJsIyL9gg4MtOzjDyKLXN1yaq2XsaJC9yevmrLD6gy2tlGkGM5hTkBDnb2AdBoJMioA0n_4-2ORxdKcfl3EuZE8BhYsOKBFQrOFIQY_9UtwcXzh4XJI3Yok36yZN0aZTrZAky3IPEM_IJk-PHQ44aNWOAZpLYJG9Fbabawz2CtXlZTUx275wO02mtDKxJnFqFdO1a33tVbsnGXXK7gmXgZGtNj7ckMycy_UZUvH-cbTtcgNC0IBnhESYkGozo-03WOprbl8pI15CTuEjYulWLvK8jk4banJcF9z-K3Y9dC7aE06m72sn_WvvTJX-bvIsSlZdztYUUO_AruxHtiPxhX_x-OH6zf5CQii4sT7yqcd6LqjwSPtrFb58JCZVjotJyoZGT9OLL5ZRrEuAHvA4Og9YsJq_0Tu8azP_GW1QCox2-cixPRHVFl5x9EZ4uVR46qWa5x9fy21jNEYlfzD-Vf0b0iNfyGvbeQ0kAjLWIBTndTh1M7b7GY4VsxV9tuxgGJl35zHvEsgD6fQleSiz4PV7rxrRqDle6YrPbE-gNcXU-N5EDktBXC1LTAXwvWnMG3T1XUBNHL_o5OTlUJUYWW-2VLn6JnHfNIkJ2K8KUIXdIM9BoCZBy-TW-wutlyUEqkhryABKBcSsoAiphzrSj4SZ8sfitrM_s9rfRhQU0yX_KTgvTREQGOAhohGxsYgNbf2D2j1hJrNFY_q8QIeSzBA5Q3Gw84lmX_W6qayW4lK1ETGDFLYTvazD3rSmrPtZfCf_qzb1EQfzV_DZhdRdVZ1LLAB1bhtdoNU2CWDqoyeQajn7OqGQoeRaFSlUu2AA6slmSJG5JSuyQajdx8YhBRUX6J1nR0qPKfeggsXCY3sgcKcMMtVtt6s8QBzpHMI7jdMo5CHmk0Vzv2Qair-g5SL-Uf_h66SkWhG4-YUSirqwT6hXazfPAe6AedrLNGSkdbe0VnIdJXZc1vrHjgu2ltP6f8pY0XT5MSNk-rg2kAbUfgCezliksajz1BaIt8CMZ7KBZbXSVyczDdghhhUk6fsVp2GUDaclPH_4fL2NXpD-iqaIxCuLWhBKucMytCZaRXZh0TOpVgHKITLjdteESA2poYCzrbZSVfj7MbPMMXgcx0jbI1R796sOuQsRe0HGo0wR7Ytfhdwcsdqi2vn2mF__CfsLVAE-MfCStHhdjz6TEbUTZ7SXE50JziWFYgAQ-jW88lWQjyN0mBXRz_Q1bexxvoMkH2KOrkShdVd72F6Q4MFkMVycmD512zX5FkeAcLWyD-NaXtSeO_SLUgjEufX8JXsDs4kEkACLxzgPvAPr-vK7w738WCwvuUDKRzbKB5_UAQ-pEd17unP_hvCMHyTtxZNSxf2MvulfBXsUnJ1lKXujH-E-eGzB6dYBAVkF8k1q6RnJHJsbaOXPY-VHl4IombMnhKlOnfCa8GqdgkWVHHNPTCx5S_FmHyvBClCRvGAwv0tsywvT_T3Yr2bbLuNhfZHoyv393f_-qyN6O4adYFdBlFEyVFSZaVirRyPC0K&cid=CAASEuRouhLMHsEit01IAbSdMkM_6w&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:10:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNXI7KO7UZVCRA-szri8b51xIJvaCFnaPW_OzbXrZhnk-hHk4aSmw9azL4w-2qY5iOdzrz4HABUAnwUUZGUzj6NUj1rfevS92hJxCT3QEe_9bUjNeQc
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Dec 2021 03:02:39 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Wed, 29 Dec 2021 03:02:39 GMT
rum
dsum-sec.casalemedia.com/ Frame 7FE5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcvPziZtjvbL1RXKY0SD4wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNXI7KO7UZVCRA-szri8b51xIJvaCFnaPW_OzbXrZhnk-hHk4aSmw9azL4w-2qY5iOdzrz4HABUAnwUUZGUzj6NUj1rfevS92hJxCT3QEe_9bUjNeQc
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Dec 2021 03:02:39 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFxmdfqh8X8LuKYMEnGH_c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7FE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPuHdcvAmCDuez9eDQOkUZU&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPuHdcvAmCDuez9eDQOkUZU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNXI7KO7UZVCRA-szri8b51xIJvaCFnaPW_OzbXrZhnk-hHk4aSmw9azL4w-2qY5iOdzrz4HABUAnwUUZGUzj6NUj1rfevS92hJxCT3QEe_9bUjNeQc
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:39 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
32869e21-5cbe-45c9-bc90-758fcd0eca86
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPuHdcvAmCDuez9eDQOkUZU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7FE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNTQzNDM4NDI5MjQ4Njk3Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNTQzNDM4NDI5MjQ4Njk3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNXI7KO7UZVCRA-szri8b51xIJvaCFnaPW_OzbXrZhnk-hHk4aSmw9azL4w-2qY5iOdzrz4HABUAnwUUZGUzj6NUj1rfevS92hJxCT3QEe_9bUjNeQc
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:39 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
17a46b82-3ced-4e2b-9b55-7f4b3d1ccb42
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIyNTQzNDM4NDI5MjQ4Njk3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncframe
gum.criteo.com/ Frame 3934 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2021
date
Wed, 29 Dec 2021 03:02:38 GMT
content-length
4161
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Dec 2021 03:02:38 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FE07 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Origin
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Dec 2021 14:56:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame FE07 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqjsBlFqkWe89kexWMFUPPxlgQVneEz_x_0UnzxvA2emNl-8MUo_xhAhGgxiA2HBfgfDCSyEKA8NcyRTRr2-j-ogorCNQLyYjc2K_jGDqRTKKc5zlN20Cdj5hhexQWbU8dH7DMi7HVDVFfmXdYSfoqBvfToA&dbm_d=AKAmf-DXEI6FirI3JLHwJqRxupXfQTTPDeRzDPzvMg3sffn-v8Wo5jmQbIsV1RoZ86vS1Z-3b4IYqHTOWHMQxgXiC7cXvF23qNHBZGX1WJeU6Eyhq_oj8kBa-FTba2FyoZk5M0_KZl4JCFTCftKsPvYVBVtP8M63zHiQ7DIa-m9OXodJfTdpsPxdA6AF7_WkslVpRND7RS10JhvNk-D3sLNhKk8ii5lnioVv3mJfLbW8bjb6q1mTgU8vOCqty_anm98saQ5QRyjjwj-BvjTIBLNzV6YZeqWXoogczp7H_Vk92OjsJlkywzWuKAjke8Gl9LpLkanedA9rU1F6US3-BoTb3GfGBlK_DhUBNezJbfvlcXZivBs3ukuuDv4cckYCIuf6KwKz4Qxzo07CMbDZjjdw1yd8VXNTr90eHF9374LI3TISVXKM4JbtRycbY7uWIog3MTVvGTbzT4DJKPbxx62BeZt9rH2_Wdei9OuYIBhF_1xKngktIgL5Uu-hMgKEXhc0HUNIVJccryIuJ5mdbouPG2rbby1mwmZSTL24JlugAX2lq4REtW8STs72ANY-EMwAf2HPBvEk-iOz1oDIHK31CHqh6X-jZoyaKUcrgkCwtWx-c34uUr04en1gEkLfhZh5-XrbiZBmDDTr7gK8FVxB3xjXA35Drl8RG9WJdUPxaQ4c_ZseMFUpk-nn-xPayfpEnIZ_cg22wFSZKFsiIf70HRkPZ3hhGdaZIwE3uqFqcPz21iK-E4DAaHdavOP01ZNwcAXDvqgu7iUmhYPqpB5aD8xq-Hayi9ltpTqdWg9dt7FjmBnIODMBsYvBOUmn565XzU5X3MdGaq2cGthGDwPIm1778BSoAzI0Vds3RO2OeiZ7zkuwGazX4aMkrDxfu-v1XamYQWyzGwdTvFViSF40PS5B5m-izfk-forUJFBv1bV5nPgHQH7QTkBJm1Ev_5z22sxYZDdOvOlqAp4y5DWxaBP8bq_R_-FeT2x1qf5tMKuPwvshBJdThIPx2Au_LvqJ3fVLh96_erZDdBmrJNMm8t8FJiufr5wEDUqKUM3QVKrorSy7xrnQLiux_w7E0bkzSGgHe_Z-G94b5o737-JTdGJhsTqYIoNoV7n8ISmbmqxxxSgaeVPEuU4yYW4NIe-QJ9w5rGmQCd8786jtIi4o8_ugDzWeH810pXVj594auL3EqottMSoOKQccFvDKOS5MbbUhWn3ybWgV7TgtuakmLwLPfJF9SP2_yfYESwaGQqJjSpIxxKPo6_WXRcnEEI1_PXrs5pAsfW8NGkfq2RKST82FCb1-WNV05VSxc8RbGlOrpu1zfSh_gVTqTTQXXkJcP7W9QR1daEKez9XdgFSjuQBdus5pnWvzEip5ngR7um4wPPQ4yHmneP1YAIL2X9JRE8QdREpFJ_-hxn8j1ihOL6HsFU9p4owlewHLcFK3iKP82DQKWSk38HUphuUh_Ja0u3NnhF4QHw5om6izdCeLhD38F-4mRIzRtfDy_91i7x9rJajNLwcgCejvASFOkoW8ANyCX9RDZhKmTUcackIbjBq_dWi77PudHQb7MgGg81qjHwlet0qXsq8l2p9hBvoHgCGWlTFRCpCbl0Rw4Y6auo3xMMMRYeAsbUde5DJ4PgkcjjVJFSOrhv4-V_BPfjvzOmZz5lBfZEp2U9d6MigKJFSXr7P-5HQNcYoHAWYE2OdlPUR9EfASDi4XizCPgpTqrRlSkR7Vh_0L5RsGxdfi4cLX-r-tANMFPTGHI3X-NCEY5ICuROWpBbDCU69jklmit2wHG6nn9S21UnUdCtqwD2Ho504vGokQ0Q-RWI81NGtTUzbB6CO4kr-FCyyMWqBDffZR_ou9fFD9X5WY1RIpNk5S4u9eXKf4AJ54NoGALgt2n2SLrlx-csIZYHieoL1_bpAxeQpgKgI8R13wTESSeA5JZCzAFZH8HObJwk5VtXUcww9kz6x1o0GrOfqz5P8wtwrZ4DOxIIyX3Bm5LxgupfY1NnrSAW_6wdStu-u4QsHElhU2m-JKTsj_eH9Vt8f-IqBGMqxfZNv8O9XNtmipcMMIjgJM5T0uJwZuaZmt9Cu13GH-s5MJ5_dIGBNvCl5GvbE9TNKO91pyyNsUxTpJzcDIAvWX6p8s4pTVt1GDcBWx1wNt7Aez35VowCEir2rZ2f_sDqW7V_J8jiSJe8q9j-LkEKlzfA5xMROn6AkZGuItrFF741-TnF-_yfKgZRUgA3QQPSYUjbuynzTK2wvgZIJptEuXlE8UNkcgK9m6XGZbgsw-DDO5RhQnTvKoUIPTz6fAZPT-jqrqziWDD_dHgpyVrjNvS5Ii8zaDTNhjYM3B5osKyijx_WLE5D4Q3TsNV9vyegKd4q14-7vk76XgII9PO6GRdOSzKBjVuFbt6So1e-EW8GriMw5ciFnhSDhyLxHdXWZN_FCmHGJgKxlG6iP2PtVcsI1cwsqGdWOCEbPtJSC2I3fjJxNzZm4t7-QXbPG3aylntwflH9qQJnlt-bcbpfBYyQOYS4V1RstOPrxFiJ4KFq4uMyugh3H3x3lKwi1vdrZwCDyCoCKw_FRMvh0Gw95SptMsPHReNjcxUpM7uD4oeKf4ZuXfGIbKjUuxA66ZXYF3EVaN-IAptdL4u7Ro-Z_gJIdtISLEVUKaYEovXLptYcxBrfUCh2x-V_eGLoB5seTAEYs5xckG_ozaVXhkgrPofTsJSQIxyc36ZTyT2LESwi2ksm2KR0KUUzDfNgFfxO-iQrOI5P2eInBt83oVBpSv8uEHqDve2lnrlvU-aaBdgXFcNbnu9UUWRzjeabU_vN9lJNIt5O9fh92MzIsB3ZApk70iv0HexYeVR7ebiP9XiObHa7jxiS1bhRkWUI2rL1PxhZWM8xccdr6ev4wWLT4CzPksjzU2xvsSVP49aQKqUkOWxiGTUVW7Va_gjcXLqufXGZ8X5tCweA0lZMjx3Ma3WTnAQ5Ig6Ov-wja0LrcvVJyuEuWLARgS-orUfZ69FZge&cid=CAASEuRoEwPS5UDFJw6dLqaKTfnGVA&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:29:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame FE07 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqjsBlFqkWe89kexWMFUPPxlgQVneEz_x_0UnzxvA2emNl-8MUo_xhAhGgxiA2HBfgfDCSyEKA8NcyRTRr2-j-ogorCNQLyYjc2K_jGDqRTKKc5zlN20Cdj5hhexQWbU8dH7DMi7HVDVFfmXdYSfoqBvfToA&dbm_d=AKAmf-DXEI6FirI3JLHwJqRxupXfQTTPDeRzDPzvMg3sffn-v8Wo5jmQbIsV1RoZ86vS1Z-3b4IYqHTOWHMQxgXiC7cXvF23qNHBZGX1WJeU6Eyhq_oj8kBa-FTba2FyoZk5M0_KZl4JCFTCftKsPvYVBVtP8M63zHiQ7DIa-m9OXodJfTdpsPxdA6AF7_WkslVpRND7RS10JhvNk-D3sLNhKk8ii5lnioVv3mJfLbW8bjb6q1mTgU8vOCqty_anm98saQ5QRyjjwj-BvjTIBLNzV6YZeqWXoogczp7H_Vk92OjsJlkywzWuKAjke8Gl9LpLkanedA9rU1F6US3-BoTb3GfGBlK_DhUBNezJbfvlcXZivBs3ukuuDv4cckYCIuf6KwKz4Qxzo07CMbDZjjdw1yd8VXNTr90eHF9374LI3TISVXKM4JbtRycbY7uWIog3MTVvGTbzT4DJKPbxx62BeZt9rH2_Wdei9OuYIBhF_1xKngktIgL5Uu-hMgKEXhc0HUNIVJccryIuJ5mdbouPG2rbby1mwmZSTL24JlugAX2lq4REtW8STs72ANY-EMwAf2HPBvEk-iOz1oDIHK31CHqh6X-jZoyaKUcrgkCwtWx-c34uUr04en1gEkLfhZh5-XrbiZBmDDTr7gK8FVxB3xjXA35Drl8RG9WJdUPxaQ4c_ZseMFUpk-nn-xPayfpEnIZ_cg22wFSZKFsiIf70HRkPZ3hhGdaZIwE3uqFqcPz21iK-E4DAaHdavOP01ZNwcAXDvqgu7iUmhYPqpB5aD8xq-Hayi9ltpTqdWg9dt7FjmBnIODMBsYvBOUmn565XzU5X3MdGaq2cGthGDwPIm1778BSoAzI0Vds3RO2OeiZ7zkuwGazX4aMkrDxfu-v1XamYQWyzGwdTvFViSF40PS5B5m-izfk-forUJFBv1bV5nPgHQH7QTkBJm1Ev_5z22sxYZDdOvOlqAp4y5DWxaBP8bq_R_-FeT2x1qf5tMKuPwvshBJdThIPx2Au_LvqJ3fVLh96_erZDdBmrJNMm8t8FJiufr5wEDUqKUM3QVKrorSy7xrnQLiux_w7E0bkzSGgHe_Z-G94b5o737-JTdGJhsTqYIoNoV7n8ISmbmqxxxSgaeVPEuU4yYW4NIe-QJ9w5rGmQCd8786jtIi4o8_ugDzWeH810pXVj594auL3EqottMSoOKQccFvDKOS5MbbUhWn3ybWgV7TgtuakmLwLPfJF9SP2_yfYESwaGQqJjSpIxxKPo6_WXRcnEEI1_PXrs5pAsfW8NGkfq2RKST82FCb1-WNV05VSxc8RbGlOrpu1zfSh_gVTqTTQXXkJcP7W9QR1daEKez9XdgFSjuQBdus5pnWvzEip5ngR7um4wPPQ4yHmneP1YAIL2X9JRE8QdREpFJ_-hxn8j1ihOL6HsFU9p4owlewHLcFK3iKP82DQKWSk38HUphuUh_Ja0u3NnhF4QHw5om6izdCeLhD38F-4mRIzRtfDy_91i7x9rJajNLwcgCejvASFOkoW8ANyCX9RDZhKmTUcackIbjBq_dWi77PudHQb7MgGg81qjHwlet0qXsq8l2p9hBvoHgCGWlTFRCpCbl0Rw4Y6auo3xMMMRYeAsbUde5DJ4PgkcjjVJFSOrhv4-V_BPfjvzOmZz5lBfZEp2U9d6MigKJFSXr7P-5HQNcYoHAWYE2OdlPUR9EfASDi4XizCPgpTqrRlSkR7Vh_0L5RsGxdfi4cLX-r-tANMFPTGHI3X-NCEY5ICuROWpBbDCU69jklmit2wHG6nn9S21UnUdCtqwD2Ho504vGokQ0Q-RWI81NGtTUzbB6CO4kr-FCyyMWqBDffZR_ou9fFD9X5WY1RIpNk5S4u9eXKf4AJ54NoGALgt2n2SLrlx-csIZYHieoL1_bpAxeQpgKgI8R13wTESSeA5JZCzAFZH8HObJwk5VtXUcww9kz6x1o0GrOfqz5P8wtwrZ4DOxIIyX3Bm5LxgupfY1NnrSAW_6wdStu-u4QsHElhU2m-JKTsj_eH9Vt8f-IqBGMqxfZNv8O9XNtmipcMMIjgJM5T0uJwZuaZmt9Cu13GH-s5MJ5_dIGBNvCl5GvbE9TNKO91pyyNsUxTpJzcDIAvWX6p8s4pTVt1GDcBWx1wNt7Aez35VowCEir2rZ2f_sDqW7V_J8jiSJe8q9j-LkEKlzfA5xMROn6AkZGuItrFF741-TnF-_yfKgZRUgA3QQPSYUjbuynzTK2wvgZIJptEuXlE8UNkcgK9m6XGZbgsw-DDO5RhQnTvKoUIPTz6fAZPT-jqrqziWDD_dHgpyVrjNvS5Ii8zaDTNhjYM3B5osKyijx_WLE5D4Q3TsNV9vyegKd4q14-7vk76XgII9PO6GRdOSzKBjVuFbt6So1e-EW8GriMw5ciFnhSDhyLxHdXWZN_FCmHGJgKxlG6iP2PtVcsI1cwsqGdWOCEbPtJSC2I3fjJxNzZm4t7-QXbPG3aylntwflH9qQJnlt-bcbpfBYyQOYS4V1RstOPrxFiJ4KFq4uMyugh3H3x3lKwi1vdrZwCDyCoCKw_FRMvh0Gw95SptMsPHReNjcxUpM7uD4oeKf4ZuXfGIbKjUuxA66ZXYF3EVaN-IAptdL4u7Ro-Z_gJIdtISLEVUKaYEovXLptYcxBrfUCh2x-V_eGLoB5seTAEYs5xckG_ozaVXhkgrPofTsJSQIxyc36ZTyT2LESwi2ksm2KR0KUUzDfNgFfxO-iQrOI5P2eInBt83oVBpSv8uEHqDve2lnrlvU-aaBdgXFcNbnu9UUWRzjeabU_vN9lJNIt5O9fh92MzIsB3ZApk70iv0HexYeVR7ebiP9XiObHa7jxiS1bhRkWUI2rL1PxhZWM8xccdr6ev4wWLT4CzPksjzU2xvsSVP49aQKqUkOWxiGTUVW7Va_gjcXLqufXGZ8X5tCweA0lZMjx3Ma3WTnAQ5Ig6Ov-wja0LrcvVJyuEuWLARgS-orUfZ69FZge&cid=CAASEuRoEwPS5UDFJw6dLqaKTfnGVA&rfl=1%2Chttps%253A%252F%252Ffilecr.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Jan 2022 02:10:49 GMT
sd
us-u.openx.net/w/1.0/ Frame 6245
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN9JnYLnbO4y24NLF1YRNVE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN9JnYLnbO4y24NLF1YRNVE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUwhN4NO_j5lGqLvHM1LONj7krveRoTN7LFs_r1PE0--OInLuN0Pj-m-KdFypWrX9x2v55b4z023YcoavinmA2oLBAvsvuDQtAuRr4MzRpvE3Ai0hY
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN9JnYLnbO4y24NLF1YRNVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6245 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUwhN4NO_j5lGqLvHM1LONj7krveRoTN7LFs_r1PE0--OInLuN0Pj-m-KdFypWrX9x2v55b4z023YcoavinmA2oLBAvsvuDQtAuRr4MzRpvE3Ai0hY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 6245 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNUwhN4NO_j5lGqLvHM1LONj7krveRoTN7LFs_r1PE0--OInLuN0Pj-m-KdFypWrX9x2v55b4z023YcoavinmA2oLBAvsvuDQtAuRr4MzRpvE3Ai0hY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame DEDE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhjcp_AL1GcjL-qQBwKbgXsVFvn4SafEn2MZE3oZiODFMcwujFWxi0m1HxFSWcRp0GjjUORi4fdLjHf9ia4BE8T3XoSS-5teZR15PlgoWHpVkmAtqfBg&sai=AMfl-YSOa2ACMOMRGQ-vyJ57QIWKKPDNrdjPeOTp3CVOQXtKAeSqJGNoSgHXfcr9f8kQPHDUgptfjQxmDwwY&sig=Cg0ArKJSzGyXOT7Z0YxOEAE&id=lidar2&mcvt=1023&p=0,0,280,1158&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1623974057&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640746957305&rpt=607&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/14688058458553530591/ Frame FC43 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3adfda563caf8269abcdfa2b4ea2f93e35668c95a6861115350fcd361d9e57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2146
date
Thu, 23 Dec 2021 18:00:14 GMT
expires
Fri, 23 Dec 2022 18:00:14 GMT
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
464545
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 514F 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdsKOOoUMR9vCwbYmxhwJyiX2HPjv0DHO5OnNttUciUkfiFbFDc6CoZsDFppWkEcdGI-AyyFOB5vXHLRbGD39gUjaV7t9RQlkuoBNq7yiroyujrvXIcYb50ygrAsxAkzONO3qCeNYGGrTlVnrm3gG4tMZjOh-aoc9Rf-m9zeURCD0Vm7oU81Lx3w4KEakEylCy7X8AqiStFS1MgM_U7nWX8m1DJ_IDKl9PQPuDK1XOFxHXKUo7fKKMwo8A7JjF_48ZHe1mYWvIMy2028S8OIqHtF6vSUA9CXLCFoBQbwHYTCDN9wcTfr47xUx5tSfOMBGKq45_eNQI7yb1JPfIKps3iekm-fEnHzhu4z88WfXOMzBLW34-bBXUVwj5ODLPRGubEwN8TbWDavT3QK86bJTt5Z5lP7ulsXBSn0M5kSiDV8To-zelO1TZl1FjPJo2dQUn47QjPi4EZH9g0bxEauk-4qOG8rHH2DlKWLbccqxAkIMeuKQ7H1pG4uoJ1vcOwx5niJnzTlaHpzeFfwbuGAwIm2cp96wpZO3Sz6fAWVjAuI-s_BMfTNbRH6Bw8DnKJunGpwD7fiIu_A5HGfnqanDPqEXPJzTTp22H0Z7Q4rmm4ckzZ47_yaxFv4ovCF7loq3ipUa5clHrsgL8byqtb6PojtknUzAR4l2LoaZW1bwJm8lleTmgzLL2pfhQMxbjOkdcDqlvD_ilv6CQlMj4PG4hMnRaVCa6cWE5WLRNRy5TazUQZToVR9DLmb0H_HFK_LXujNGyb-yV-113I6Tm1Z4Y4jo8wgN6ULL-NnDFKbFig3_TN84Hq6XOwwVk71wL2jaVdlUepjKwtK2X6zF6QNFs-EXt2XaEB1tSOKRkN7kWd81S024qm1bJKBoIqFUgAlG4qW6Q55st33xtEdHmTq9p5CRntDROtcuev_UCvCKOVWXj3-98y9Q9DAdJj3rix51cVlsNWJeAHOJNXrxGEcxAKz2dLSfqdUw1yiMfcfyCIroXTTclrBJ22G5BGCGwl3KJixtkE5aKI3gMaFGO9g1dLxf5n-DcndP-iXV9ep3PvXcV3jxq1B9IbrtSyx0OESPzUvMUnPBhkW8efGYYNnWvFccDeDHfb3jklCZ3GoElTM9_MmylVH5T7OuuGGmwv-I7QWTGMCJ_P6UWW56ySDOEtoTAKCPwTbQGNeXEVyYuHub9EScMUn0-Yw&sai=AMfl-YQczbDey0Q2NBiG6bSLnh7_y8tMZtogdwiRdLHnnDwQS2LG6NgzNTJ8ebeFh6WK4UIAY9PWsYelkDGhi4l4LWYr1XLSB1VJ1AzomYvso8ujnz4sPbEBOqNXB2Qn9VgK9syRh4RqeYOKGqfdSlVeBAOc5bJ1eA&sig=Cg0ArKJSzL0_9E2fhPFQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=122&cbvp=1&cstd=119&cisv=r20211207.79143&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 29 Dec 2021 03:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/14688058458553530591/ Frame F0EE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3adfda563caf8269abcdfa2b4ea2f93e35668c95a6861115350fcd361d9e57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2146
date
Thu, 23 Dec 2021 18:00:14 GMT
expires
Fri, 23 Dec 2022 18:00:14 GMT
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
464545
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FE07 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9RwF9EktmJvGGteKITIt_AWGpTvaYCUJNFB4AFi_bCdHzNyoKOlHD_MOKZnO8u-WKeFjoh_9ZtL9Rwr-jHJGZnSM_LmphFXKQsgCQE0F2oPnvDnLzygUpNdHPXs5gHc0wtBFiufcbTFy3i34gtLW2fPQZa_FRuBgt0ccH7tSgBmvfCmNEoU73fEKcdkV7EKs7Ic8PXkXEovJBgL9pqwcqo8Q6io1hh8efUelaKRq2yzsPRpzF6jhyU7DIa5yutg03VZ84bidqeqmtTc2kpDKCafD8K10X9LfOQ20KIYoj2yOlV7YJQDcTsRTBRN1jPkwFbIVcTL2lCRQN-4QWUNLgSpNzJGSqG1METeZa6OCf2fxBjDjAflammMpmlLmVZi6Vu1Ljm0ZYtiox7kCPbY_EJPCs_8jDc681x8u10OG4BxATgYp0z9mQgO6UZM2GnCP5a2wR1h8HnKVfiNgcaV43zg0CDn7EH23OxYBa8i2AE2j_w4LhvMMPl1v9s_PZur0JFLp4ev9jocCHscRCKBwbEKjk2ocFYMWSuOAihAvCi0YKkjpmedgCKlJmkoItUYjjM4MUBJUsdiqUkRD4s5rXJ1eXI5vPgsInAKQEptRuwgOK2ujkI_1hYNOrYCiG5VqQ6ukLLXlHKK78mi4LW6UzdxprLbk0Lq6s5BSV-Uwd5rrddyy0i-vmLDKDewRKkXW8Cn5BqdyXxwGwkOLmSkHeNN7T9sfMmuHb1lznhib3dtGzcSUtIyewXF94ttpXAMY6cZw33XtnHxdpUPvPH3SvVsp0b-JNMoF7vEC3mL7dbJEygMrhcqRi7hyLVtqb9qKHRIJ1JqGESwMc3fF0mukNTBBKyN50F_PBnCkdmJ20XVnawvNXecgd9BHHHhrY8iZwQnU3ralyZ9Tf8V72DMPd-_OmuSFQm6NHc3QK2lU9hFqsJTaz2NSrXNldrdBfslaI-bS_IYljXtayzVDdh6uYzYDLfkGDr2ldDzNvGWQBhK6FB1L124mxb3v9WZGJKSrJ8584K7A9Q4Zh0t-9Lj7wuuMe9YbRX0_ML01kDM2lWFgkPhw-qJ99jrz00XVAJZd7GGpx_1kE_N8WIVF98QEojszS3LmdcuO2RDr0Z3e5pP92Pp9BvX1cL01n0URA04L9PPnCEtns-Ln3cmrtlVLQpdpc7xt2eqBnQfpO_kCEsWFHUt35jHfhyg&sai=AMfl-YR_yXGNc-inz1TRF_g6UH8Cjz3pTUvAGsfZ3YR_fD1bTvDH2MlT51Pf-0V0bUkiwzlGMjL0K4duU2_9w7NtmswMjxREzhv2pnPWDoZTy00pUudpVVJ923O5nrv_z-7tKCVFv07qVjY-noiC0YOzuo7TFo7XNQ&sig=Cg0ArKJSzF-XX92V7wl6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=117&cbvp=1&cstd=116&cisv=r20211207.21575&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 29 Dec 2021 03:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 514F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Dec 2022 14:56:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15AE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Dec 2021 05:53:44 GMT
expires
Wed, 29 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
76135
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 514F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d62ad2bf23457cce43360d37b6e14d12a003ad18628b0f2be1615753094cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FE07 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 14:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Dec 2022 14:56:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BE53 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Dec 2021 05:53:44 GMT
expires
Wed, 29 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
76135
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FE07 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96636a86ef33b2addb28845a0de84cb1a954fac692ceceae47b18be3807dc955

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 3934
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=filecr.com&sn=ChromeSyncframe&so=0&topUrl=filecr.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=QGUnJXxHWm5tNzBnMmdnbnNEN0FyeWwvakQrQnI2NGxaSUZoVkdkYmx5T3pVa0ZHMmF4bTBmRGlMR0kzb0ZoVllhbzhNZFBGOTNEd1VYQ3ZaZktZbzhwRnBGMUtLdGc2MEd1b1Q4VmlRQTR4K0JaZlBpdDEwcG9PbXUyOG...
419 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QGUnJXxHWm5tNzBnMmdnbnNEN0FyeWwvakQrQnI2NGxaSUZoVkdkYmx5T3pVa0ZHMmF4bTBmRGlMR0kzb0ZoVllhbzhNZFBGOTNEd1VYQ3ZaZktZbzhwRnBGMUtLdGc2MEd1b1Q4VmlRQTR4K0JaZlBpdDEwcG9PbXUyOGZBS1R0WVJodS9HMFBsc0MyRTcxc0FDa1FDZG5vQ1JFbUFwcW4rWFBHYXpIOXR0T1U4RnJSdEtveVYvRk5XNm1wY05kTWRBclJkd3dqV2dObkxsb3RYOFFNNFV1MFhDbmREV3hjSzczYWpsT284MHZmckZMZHVnQ3duR09NbFl0dVV6RkhGS2I5SWYzMzhkQWNzSm1UVTZwYkJSb0Fkdz09fA&cppv=2
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=filecr.com
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
69a736c89783c7b121b99b49692d5c7875cf00c545b101d311ba38c94385470d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5303
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:38 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=QGUnJXxHWm5tNzBnMmdnbnNEN0FyeWwvakQrQnI2NGxaSUZoVkdkYmx5T3pVa0ZHMmF4bTBmRGlMR0kzb0ZoVllhbzhNZFBGOTNEd1VYQ3ZaZktZbzhwRnBGMUtLdGc2MEd1b1Q4VmlRQTR4K0JaZlBpdDEwcG9PbXUyOGZBS1R0WVJodS9HMFBsc0MyRTcxc0FDa1FDZG5vQ1JFbUFwcW4rWFBHYXpIOXR0T1U4RnJSdEtveVYvRk5XNm1wY05kTWRBclJkd3dqV2dObkxsb3RYOFFNNFV1MFhDbmREV3hjSzczYWpsT284MHZmckZMZHVnQ3duR09NbFl0dVV6RkhGS2I5SWYzMzhkQWNzSm1UVTZwYkJSb0Fkdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1776
content-length
541
expires
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FC43 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Dec 2021 03:02:39 GMT
index.js
s0.2mdn.net/sadbundle/14688058458553530591/ Frame FC43 		353 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a45970eb74a040768676a86704e55b79ea3c4efbe8fc40e9ec2bc88ab176272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88635
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F0EE 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Dec 2021 03:02:39 GMT
index.js
s0.2mdn.net/sadbundle/14688058458553530591/ Frame F0EE 		353 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a45970eb74a040768676a86704e55b79ea3c4efbe8fc40e9ec2bc88ab176272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88635
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5421 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 28 Dec 2021 14:56:46 GMT
expires
Wed, 28 Dec 2022 14:56:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 46CC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 28 Dec 2021 14:56:46 GMT
expires
Wed, 28 Dec 2022 14:56:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gg_pixel
sync.adaptv.advertising.com/ Frame 15AE 		0
0
pixel
cm.g.doubleclick.net/ Frame 15AE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uZXKfI1IT9iCXjSBvn24bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uZXKfI1IT9iCXjSBvn24bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOoFUCvgMFI-QboJO3YtzdT694Q83bhsdU9-HXIVR0-_-ne1Y1NJmT8n8zijpDDwJkdfESsEDXm_sNU3inkP_wagkWB8j2
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uZXKfI1IT9iCXjSBvn24bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOoFUCvgMFI-QboJO3YtzdT694Q83bhsdU9-HXIVR0-_-ne1Y1NJmT8n8zijpDDwJkdfESsEDXm_sNU3inkP_wagkWB8j2
date
Wed, 29 Dec 2021 03:02:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 15AE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwwolVGh3swjKP6ltB-ivc&google_cver=1&google_push=AYg5qPLdcWBsFzjIL7cVpRBqrnGtdd_XLJ1lts0JF0xlLgMbBVc8iEXQPYyEMvaNqw162vqNLLb...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPLdcWBsFzjIL7cVpRBqrnGtdd_XLJ1lts0JF0xlLgMbBVc8iEXQPYyEMvaNqw162vqNLLbIjRquHzcBbcvi7_f26f2ZNmP4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPLdcWBsFzjIL7cVpRBqrnGtdd_XLJ1lts0JF0xlLgMbBVc8iEXQPYyEMvaNqw162vqNLLbIjRquHzcBbcvi7_f26f2ZNmP4
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPLdcWBsFzjIL7cVpRBqrnGtdd_XLJ1lts0JF0xlLgMbBVc8iEXQPYyEMvaNqw162vqNLLbIjRquHzcBbcvi7_f26f2ZNmP4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 15AE
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESED-JT1FBo_Lz1WciDi7jWSU&google_cver=1&google_push=AYg5qPK9Wj0ooRNFURN6mjy8mWfumdUOiRybJlGYBKziG45FQ7ck63L9qlYLYzgQGKKaCTzXTPPWt170F6Ungv-BdqRvTpcJW0dZ
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&mn_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK9Wj0ooRNFURN6mjy8mWfumdU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&mn_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK9Wj0ooRNFURN6mjy8mWfumdUOiRybJlGYBKziG45FQ7ck63L9qlYLYzgQGKKaCTzXTPPWt170F6Ungv-BdqRvTpcJW0dZ&gdpr=&gdpr_consent=
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&mn_hm=MjgzNzQ4NTU5OTg2MDIyMjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK9Wj0ooRNFURN6mjy8mWfumdUOiRybJlGYBKziG45FQ7ck63L9qlYLYzgQGKKaCTzXTPPWt170F6Ungv-BdqRvTpcJW0dZ&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 29 Dec 2021 03:02:39 GMT
sync
ssbsync.smartadserver.com/api/ Frame 15AE 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEaOdxB4sPhuDTonknJWFvc&google_cver=1&google_push=AYg5qPKQToPYMmklF4t8triLu5ut6aLbxoD4FlMQRI3OKudwpkDr279JwTaFkCj-H4Yg9vgHRLgudSeoRQZ1uJi3tjHJFEQQ4YhY
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 15AE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJrSMRHPeDuq_mN6CVSk-nM&google_cver=1&google_push=AYg5qPIXn7DFAoGUvBX4KXcvTW5ofYOAIqIaXkbe_j_jMvUZXy4ovin5p5TtQcPxrrnvWjSkni...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPIXn7DFAoGUvBX4KXcvTW5ofYOAIqIaXkbe_j_jMvUZXy4ovin5p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPIXn7DFAoGUvBX4KXcvTW5ofYOAIqIaXkbe_j_jMvUZXy4ovin5p5TtQcPxrrnvWjSknidzXGrBjuB8e0Qi_rTrdZz285bq
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPIXn7DFAoGUvBX4KXcvTW5ofYOAIqIaXkbe_j_jMvUZXy4ovin5p5TtQcPxrrnvWjSknidzXGrBjuB8e0Qi_rTrdZz285bq
date
Wed, 29 Dec 2021 03:02:39 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 15AE
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECmF36NjMKpmGuWce8Zy1C4&google_cver=1&google_push=AYg5qPIkgikdFTJfEMtdeU77Ata6ca3SRZdfeJvosVLz7Nrk7FzLXRz6WenDnPjm8n1r3P9LjMfxTPJ1DHsNXR79k...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmI2ZDJhZWUtNzA5ZC00NjEwLWE5MmYtYTdkNzA1Zjk0NDkz&google_push=AYg5qPIkgikdFTJfEMtdeU77Ata6ca3SRZdfeJvosVLz7Nrk7FzLXRz6WenDnPjm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmI2ZDJhZWUtNzA5ZC00NjEwLWE5MmYtYTdkNzA1Zjk0NDkz&google_push=AYg5qPIkgikdFTJfEMtdeU77Ata6ca3SRZdfeJvosVLz7Nrk7FzLXRz6WenDnPjm8n1r3P9LjMfxTPJ1DHsNXR79kgz_w68tuE0vKw
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MmI2ZDJhZWUtNzA5ZC00NjEwLWE5MmYtYTdkNzA1Zjk0NDkz&google_push=AYg5qPIkgikdFTJfEMtdeU77Ata6ca3SRZdfeJvosVLz7Nrk7FzLXRz6WenDnPjm8n1r3P9LjMfxTPJ1DHsNXR79kgz_w68tuE0vKw
date
Wed, 29 Dec 2021 03:02:39 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 15AE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IfHh__pCQ9lW1i1BOJpNAGV6zyUXHcGm5wAGW1qY7wKel-YxsM-po03TNUly5A1aqNzTIBFSE
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame BE53
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDwpQT9BtCF2jRR42dk7KVI&google_cver=1&google_push=AYg5qPJO0xjnAPP-KjiB1OIv4U6BRH65fyef-0quHhVmrZ4SnlXDNMGw_bSkbPw_xT11RMZEJLGeAQ5Bi225s-OpPxh6zDF...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJO0xjnAPP-KjiB1OIv4U6BRH65fyef-0quHhVmrZ4SnlXDNMGw_bSkbPw_xT11RMZEJLGeAQ5Bi225s-OpPxh6zDFGDlq9&google_hm=NTA5NzQ3MDU0MzA2NDk2Nz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJO0xjnAPP-KjiB1OIv4U6BRH65fyef-0quHhVmrZ4SnlXDNMGw_bSkbPw_xT11RMZEJLGeAQ5Bi225s-OpPxh6zDFGDlq9&google_hm=NTA5NzQ3MDU0MzA2NDk2NzczMQ%3D%3D
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Dec 2021 03:02:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJO0xjnAPP-KjiB1OIv4U6BRH65fyef-0quHhVmrZ4SnlXDNMGw_bSkbPw_xT11RMZEJLGeAQ5Bi225s-OpPxh6zDFGDlq9&google_hm=NTA5NzQ3MDU0MzA2NDk2NzczMQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame BE53 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEN5nppqL84kdoJP_DPVUiMk&google_cver=1&google_push=AYg5qPJhE-YMZwpA5oljpAZoy-DBI8CjrI8o5NuVY9wjED2WDI0RrscNiIRkDdWX-dzdUAU0eNJW8OKxTEt4n_7azcrMdOfwrB7F
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hd0ahpo69ueg5ob08bdnmp8thbtr44h1
pixel
cm.g.doubleclick.net/ Frame BE53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwwolVGh3swjKP6ltB-ivc&google_cver=1&google_push=AYg5qPKycSpPB5dUMNIgHQ42CVjRWg7ILhZfuuo--Buty373E9k86uTUx48yce1L3r3zlu-6TW6...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPKycSpPB5dUMNIgHQ42CVjRWg7ILhZfuuo--Buty373E9k86uTUx48yce1L3r3zlu-6TW6ktf3uiaIZsmfQcI7xdZBVz80V
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPKycSpPB5dUMNIgHQ42CVjRWg7ILhZfuuo--Buty373E9k86uTUx48yce1L3r3zlu-6TW6ktf3uiaIZsmfQcI7xdZBVz80V
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF&google_push=AYg5qPKycSpPB5dUMNIgHQ42CVjRWg7ILhZfuuo--Buty373E9k86uTUx48yce1L3r3zlu-6TW6ktf3uiaIZsmfQcI7xdZBVz80V
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame BE53
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV...
0
0
pixel
cm.g.doubleclick.net/ Frame BE53
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEOkSMzpGKuaNO35lTq6C9wo&google_cver=1&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
0
0
pixel
cm.g.doubleclick.net/ Frame BE53
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJrSMRHPeDuq_mN6CVSk-nM&google_cver=1&google_push=AYg5qPJNYPrvwYIKrPckZTGvCpVsZZrA6fqHL3Djl-cwInFhOWE4NvgjXI4alUAsT1mVBnbGQV...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPJNYPrvwYIKrPckZTGvCpVsZZrA6fqHL3Djl-cwInFhOWE4NvgjX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPJNYPrvwYIKrPckZTGvCpVsZZrA6fqHL3Djl-cwInFhOWE4NvgjXI4alUAsT1mVBnbGQVgUbvLC4_fm8vEKb4IWs15eBjdmhg
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS04a2Q0X09GRTJ1SFhUdW9Kb3k1bXguc1dCd3BuSTRSeX5B&google_push=AYg5qPJNYPrvwYIKrPckZTGvCpVsZZrA6fqHL3Djl-cwInFhOWE4NvgjXI4alUAsT1mVBnbGQVgUbvLC4_fm8vEKb4IWs15eBjdmhg
date
Wed, 29 Dec 2021 03:02:39 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BE53
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECmF36NjMKpmGuWce8Zy1C4&google_cver=1&google_push=AYg5qPLD7pwEJXfEU02BhYry5rQv9Z0CFT0LDbp5ZBYW4FaG9G1gsSAGePlG8xFdaFPk7-lPPcMzaPbIEFI_RA1Rr...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Yzg4YjM4ZGUtMzE4Mi00NjY0LWI2MWMtMzEzNzEwMDliNzZm&google_push=AYg5qPLD7pwEJXfEU02BhYry5rQv9Z0CFT0LDbp5ZBYW4FaG9G1gsSAGePlG8xFd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Yzg4YjM4ZGUtMzE4Mi00NjY0LWI2MWMtMzEzNzEwMDliNzZm&google_push=AYg5qPLD7pwEJXfEU02BhYry5rQv9Z0CFT0LDbp5ZBYW4FaG9G1gsSAGePlG8xFdaFPk7-lPPcMzaPbIEFI_RA1RrxpBHCchv3aa2Q
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Yzg4YjM4ZGUtMzE4Mi00NjY0LWI2MWMtMzEzNzEwMDliNzZm&google_push=AYg5qPLD7pwEJXfEU02BhYry5rQv9Z0CFT0LDbp5ZBYW4FaG9G1gsSAGePlG8xFdaFPk7-lPPcMzaPbIEFI_RA1RrxpBHCchv3aa2Q
date
Wed, 29 Dec 2021 03:02:39 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BE53 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ick5-V8nIW--bVsJZjpuLkB90CB0PCugGxEPjLYL-8Ab-8cyNKyBC9O5Z5C6ZLn74HKCqeOhs
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
back_728.jpg
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/back_728.jpg?1639492286394
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce63599b0115e8324f6d6dc9dec70b1d3de8a698bab284117f36aade0b1debd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2327
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 514F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdsKOOoUMR9vCwbYmxhwJyiX2HPjv0DHO5OnNttUciUkfiFbFDc6CoZsDFppWkEcdGI-AyyFOB5vXHLRbGD39gUjaV7t9RQlkuoBNq7yiroyujrvXIcYb50ygrAsxAkzONO3qCeNYGGrTlVnrm3gG4tMZjOh-aoc9Rf-m9zeURCD0Vm7oU81Lx3w4KEakEylCy7X8AqiStFS1MgM_U7nWX8m1DJ_IDKl9PQPuDK1XOFxHXKUo7fKKMwo8A7JjF_48ZHe1mYWvIMy2028S8OIqHtF6vSUA9CXLCFoBQbwHYTCDN9wcTfr47xUx5tSfOMBGKq45_eNQI7yb1JPfIKps3iekm-fEnHzhu4z88WfXOMzBLW34-bBXUVwj5ODLPRGubEwN8TbWDavT3QK86bJTt5Z5lP7ulsXBSn0M5kSiDV8To-zelO1TZl1FjPJo2dQUn47QjPi4EZH9g0bxEauk-4qOG8rHH2DlKWLbccqxAkIMeuKQ7H1pG4uoJ1vcOwx5niJnzTlaHpzeFfwbuGAwIm2cp96wpZO3Sz6fAWVjAuI-s_BMfTNbRH6Bw8DnKJunGpwD7fiIu_A5HGfnqanDPqEXPJzTTp22H0Z7Q4rmm4ckzZ47_yaxFv4ovCF7loq3ipUa5clHrsgL8byqtb6PojtknUzAR4l2LoaZW1bwJm8lleTmgzLL2pfhQMxbjOkdcDqlvD_ilv6CQlMj4PG4hMnRaVCa6cWE5WLRNRy5TazUQZToVR9DLmb0H_HFK_LXujNGyb-yV-113I6Tm1Z4Y4jo8wgN6ULL-NnDFKbFig3_TN84Hq6XOwwVk71wL2jaVdlUepjKwtK2X6zF6QNFs-EXt2XaEB1tSOKRkN7kWd81S024qm1bJKBoIqFUgAlG4qW6Q55st33xtEdHmTq9p5CRntDROtcuev_UCvCKOVWXj3-98y9Q9DAdJj3rix51cVlsNWJeAHOJNXrxGEcxAKz2dLSfqdUw1yiMfcfyCIroXTTclrBJ22G5BGCGwl3KJixtkE5aKI3gMaFGO9g1dLxf5n-DcndP-iXV9ep3PvXcV3jxq1B9IbrtSyx0OESPzUvMUnPBhkW8efGYYNnWvFccDeDHfb3jklCZ3GoElTM9_MmylVH5T7OuuGGmwv-I7QWTGMCJ_P6UWW56ySDOEtoTAKCPwTbQGNeXEVyYuHub9EScMUn0-Yw&sai=AMfl-YQczbDey0Q2NBiG6bSLnh7_y8tMZtogdwiRdLHnnDwQS2LG6NgzNTJ8ebeFh6WK4UIAY9PWsYelkDGhi4l4LWYr1XLSB1VJ1AzomYvso8ujnz4sPbEBOqNXB2Qn9VgK9syRh4RqeYOKGqfdSlVeBAOc5bJ1eA&sig=Cg0ArKJSzL0_9E2fhPFQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=262&vt=11&dtpt=140&dett=3&cstd=119&cisv=r20211207.79143&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
back_728.jpg
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/back_728.jpg?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce63599b0115e8324f6d6dc9dec70b1d3de8a698bab284117f36aade0b1debd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2327
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FE07 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9RwF9EktmJvGGteKITIt_AWGpTvaYCUJNFB4AFi_bCdHzNyoKOlHD_MOKZnO8u-WKeFjoh_9ZtL9Rwr-jHJGZnSM_LmphFXKQsgCQE0F2oPnvDnLzygUpNdHPXs5gHc0wtBFiufcbTFy3i34gtLW2fPQZa_FRuBgt0ccH7tSgBmvfCmNEoU73fEKcdkV7EKs7Ic8PXkXEovJBgL9pqwcqo8Q6io1hh8efUelaKRq2yzsPRpzF6jhyU7DIa5yutg03VZ84bidqeqmtTc2kpDKCafD8K10X9LfOQ20KIYoj2yOlV7YJQDcTsRTBRN1jPkwFbIVcTL2lCRQN-4QWUNLgSpNzJGSqG1METeZa6OCf2fxBjDjAflammMpmlLmVZi6Vu1Ljm0ZYtiox7kCPbY_EJPCs_8jDc681x8u10OG4BxATgYp0z9mQgO6UZM2GnCP5a2wR1h8HnKVfiNgcaV43zg0CDn7EH23OxYBa8i2AE2j_w4LhvMMPl1v9s_PZur0JFLp4ev9jocCHscRCKBwbEKjk2ocFYMWSuOAihAvCi0YKkjpmedgCKlJmkoItUYjjM4MUBJUsdiqUkRD4s5rXJ1eXI5vPgsInAKQEptRuwgOK2ujkI_1hYNOrYCiG5VqQ6ukLLXlHKK78mi4LW6UzdxprLbk0Lq6s5BSV-Uwd5rrddyy0i-vmLDKDewRKkXW8Cn5BqdyXxwGwkOLmSkHeNN7T9sfMmuHb1lznhib3dtGzcSUtIyewXF94ttpXAMY6cZw33XtnHxdpUPvPH3SvVsp0b-JNMoF7vEC3mL7dbJEygMrhcqRi7hyLVtqb9qKHRIJ1JqGESwMc3fF0mukNTBBKyN50F_PBnCkdmJ20XVnawvNXecgd9BHHHhrY8iZwQnU3ralyZ9Tf8V72DMPd-_OmuSFQm6NHc3QK2lU9hFqsJTaz2NSrXNldrdBfslaI-bS_IYljXtayzVDdh6uYzYDLfkGDr2ldDzNvGWQBhK6FB1L124mxb3v9WZGJKSrJ8584K7A9Q4Zh0t-9Lj7wuuMe9YbRX0_ML01kDM2lWFgkPhw-qJ99jrz00XVAJZd7GGpx_1kE_N8WIVF98QEojszS3LmdcuO2RDr0Z3e5pP92Pp9BvX1cL01n0URA04L9PPnCEtns-Ln3cmrtlVLQpdpc7xt2eqBnQfpO_kCEsWFHUt35jHfhyg&sai=AMfl-YR_yXGNc-inz1TRF_g6UH8Cjz3pTUvAGsfZ3YR_fD1bTvDH2MlT51Pf-0V0bUkiwzlGMjL0K4duU2_9w7NtmswMjxREzhv2pnPWDoZTy00pUudpVVJ923O5nrv_z-7tKCVFv07qVjY-noiC0YOzuo7TFo7XNQ&sig=Cg0ArKJSzF-XX92V7wl6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&vt=11&dtpt=147&dett=3&cstd=116&cisv=r20211207.21575&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 29 Dec 2021 03:02:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
boost_fx_back.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/boost_fx_back.png?1639492286394
Requested by
Host: 0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
URL: https://0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3988a5ace544c389b7f01ee68dded5ef0c28b08f14d622aca08da1df9f876d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6311
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
boost_fx_back.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/boost_fx_back.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3988a5ace544c389b7f01ee68dded5ef0c28b08f14d622aca08da1df9f876d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6311
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 5421 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 07:39:15 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 46CC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 07:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Dec 2022 07:39:15 GMT
boost_fx_front.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/boost_fx_front.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a37f38de0c5a8a258367fe5c99672629ef0b6475e172e94972e11b296c59aa28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5265
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
boost_fx_front.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/boost_fx_front.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a37f38de0c5a8a258367fe5c99672629ef0b6475e172e94972e11b296c59aa28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5265
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
boost_tauren.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/boost_tauren.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232c119ef7536bf0ffa8d987539dc33fb63a80c2121249d6231a543c3315b8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4443
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
boost_tauren.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/boost_tauren.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232c119ef7536bf0ffa8d987539dc33fb63a80c2121249d6231a543c3315b8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4443
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
coin2.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/coin2.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c80fbc0bd29928126e35c65b182e5d72f3d8eb626ccd0779782ee4add38a01c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6817
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
coin2.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/coin2.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c80fbc0bd29928126e35c65b182e5d72f3d8eb626ccd0779782ee4add38a01c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6817
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
deDE_BUTTON.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/deDE_BUTTON.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9a45dc508beae2b71cc348cb32b4a65950db4fcc2b12e6629f8a3e0d2600dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2331
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
deDE_BUTTON.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/deDE_BUTTON.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9a45dc508beae2b71cc348cb32b4a65950db4fcc2b12e6629f8a3e0d2600dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2331
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
gate2_970x250.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/gate2_970x250.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e93eef9c7695bfd0ed8d07107dc973bbd0e82710dc0de0ffb4f0fae868e84f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17727
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
gate2_970x250.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/gate2_970x250.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e93eef9c7695bfd0ed8d07107dc973bbd0e82710dc0de0ffb4f0fae868e84f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17727
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
illidanspath.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/illidanspath.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
461bf6010d38c8b7226b73182e7aa4b490cae4a193674a9c0c91838746dee863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5017
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
illidanspath.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/illidanspath.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
461bf6010d38c8b7226b73182e7aa4b490cae4a193674a9c0c91838746dee863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5017
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
illidanspath_trail.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/illidanspath_trail.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4266f0f2dac5a75d4783f6cc002e2ffebe1e91c37cc771138a24ff7522034108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4498
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
illidanspath_trail.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/illidanspath_trail.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4266f0f2dac5a75d4783f6cc002e2ffebe1e91c37cc771138a24ff7522034108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4498
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
LOGO_v2.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/LOGO_v2.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1ba6432aa3f21e613c61c873ad4cc9167bc74f2ab29a5cf4b94ea981794978f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10677
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
LOGO_v2.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/LOGO_v2.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1ba6432aa3f21e613c61c873ad4cc9167bc74f2ab29a5cf4b94ea981794978f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10677
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
MODERN.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/MODERN.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4b6f136650f05a959e2fdd9a633160ef27cb06eac003727573ca4f2309cd6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18916
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5421 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBoCRzs_LYZfeLM2Q3gOu8o-4CgAAAAA4AeAEAg&bg=!yMuly4_NAAZKWFskSlg7ACkAdvg8Wn6PkLKEgJC6ltNSVUv8fwRcjRa9ZPYfjLjzYVsrwe21tJD1uwIAAABuUgAAABdoAQeZAwx4qokaHR3Z0bsiUFexZr3P8CY3d2P1eSYAc145AKyJMmvSW5_1sTatPm6p-tZlvdV5cDZp0m8Jp4uAv27gIPWs-by6s_Cw4LoM2ndX7wdRLk5fjR3Z_MlgO4doHzD3g0ZVffFLLr5qh56QIQqIADpFuGceS0J41qQGfdWcFi-IoJVlhCpXEo4V_bvrx9LUaz-BSRyV57-br-AGNE_hn-ry9cCnq-ppbS9xS1Cu8gQRe_rhDlO6otouRPBKJFgr4vg7Pv621fdJsU4-6X-r6yKcw-GjcpYY4yLBCZdnF-0Iy_KioIO6WtKkl797I4y9kcsXYIUtjfMKn6TDDjYn4HotZAtfOb6UX2YP4VID8SgLPd6pb3jqmiIuHMQlIN87z3aL8LmO7zY2jKowrzawPzwaMGVCK-DxtRokRinNAS2Sl3UkuoSu2Zte3gd9alkY7thhj71cGO1r8kREIlKJwehL80zPbL2p9EbrrFu-gtTIdmJmiOHpbiWZfCaUVx_76pjYdYnuXIc8I1xb0VNFIsP2NuyNf_99SF_8Se0KriEwsCYZh1ZvmI34g3r1Oc5fX8dDjd3Pdo-6hezJThkPQssE3YGYRBC7MHMM7k1vu3Wm9zKa0lcEV4EFbgway27wi_SRXRvde0SszqnKOnQxjKUsv9_6Bg4Tjc5pxp2LYCRLkSC7Nv3aFPjIktA1M6iLmxZZ8qIh4kTEuT2a5IOhI1Xb9vDeGo5JUqwsUem5wm6NVFXW4GWrpC2NFqA0B1du9JPqT_KDvwyCqb3WLSxqxph0LQFi4m-B02Lgb-l3lL4n_i8KUcoJ4DiKv9Eitd5fKOGTOZuaeKIYhoxPzWuWZtip9BPgCvC5issWKLZOkglYCl__qwqGDSxtFTvpdyMhGJokG7tAD-qZlxxKntO6_tQ-X5kzevh8KC0luQpfGuOwVQep1uHEa0iQbyoguCN1lZGJwrhdlSho7By8D-Yiv0yrTEsaPaKDsbuAryPQ1o9nZxih86OV49nZVkAUEFmvEHaW4eGdpiszwRkE8bk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MODERN.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/MODERN.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4b6f136650f05a959e2fdd9a633160ef27cb06eac003727573ca4f2309cd6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18916
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
USK_RATING.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/USK_RATING.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c2ad65c1695343ba8108ac9ad46ad52fb45cf848feac2a9a359496bd447e2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1523
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
USK_RATING.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/USK_RATING.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c2ad65c1695343ba8108ac9ad46ad52fb45cf848feac2a9a359496bd447e2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:14 GMT
x-content-type-options
nosniff
age
464545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1523
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:14 GMT
WARPSTALKER.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame FC43 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/WARPSTALKER.png?1639492286394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06b91d3ae0d243eb38fb7cbfb037a44510bafbe170e4aed079c70a7a5b5969a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:15 GMT
x-content-type-options
nosniff
age
464544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19791
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 46CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLjqazs_LYd3nLpSagQeosbv4DQAAAAA4AeAEAg&bg=!7e6l7qrNAAZKWFskSlg7ACkAdvg8WuKbd_Ca8pSmSGHDeTuAM3HQywup_Ea4Go2crX-2PJjwA-8c7QIAAAB9UgAAAAtoAQcKADHlmvPrrEye8b8LUho5jNkS5CQ7LcdzOyjUQ_SFoR3CwWaNKUkhCmPWz0Cf_K2lZhggmQMDedQDg5Uz5U3CjtA3c4-A9tuSlYi9PBoRWKQRmMnOU6FV4m3rtmnaSr8bFZBxLbW20dhcJpeDeYKnOjH6z61qXyq-CWyBpGQfxeTFKN0DnV68-uDZu5lt3PgNYN7zqII6Kzd9k_D9oS7_cH6xZlTVqSYUKGEXpT6AbhY2lR6CWfxGHni0qkHXVuA3Yj2rqCq0nsdCqaQ5A-bH8aueSm9smKQqaSnJlS-Fsk_6f7EXQ6qa4jxYN8bob-DOB_Aj0ogGOvojQFkx56yFCuiKxXinYseFIHPh34_ErM1w0GxDu-iqQfMUgNq5SqQx9jfjzV4a04U937qTVMTc48YWBZYiGSqmGssHiQq3y2pBXVCouHoEoGY2JUXPXB5H7kjcWT4aqN73R7s_jPHMmG8hcZLqorHOSJ7GCBzLIMdtEctHM22q9kZtO6exvPYvUi9XyDsaT2wiR_ixcFeQ5_XQdBaFpMXVxNADazrH2_J_BAW-X2eYaB5VVOKvj3AX8D7P28E1GpEo43D6Wh277tSf5ohu_eD7AWpHqOOEUqqjE9_GN5OKt68V9GCf5nJFg60ppdl_WLybN4k--dNu6GdEiq713Cvbg3x5H2v91SHa2Kp-FrERsBGOla-1yJh_7UpJ2amis4ze_ie3_adtsw1y9TGrCJC7anUqDsYcTrekml0gs4tzWOoIYaZKIEJWSKtE6hO2W_7wNtGlbqTz397lnQtPfeGM2QQGRBzHScFcplVse3M4QELORVc7mq2EBNKknkK37QrdnbyF12xuDAeAHjL8CUZKPC-tLzPVXBvz6lpbjmyLibqt-K08sSFSMFtZuEMePavwcFv8h1VztGFFss4OlzS_nFHHMSjYrTJrpBt10KugVCvp19KQgjSJDeiHi2a9HtisTuAPlcivhk9ug4HdlGAD90KBN8KZ9zlnAVl8kYjKqijzYZRcrley77JMbn20Rr9u54BzuPSehvqXC5ZbLjTO8mDDo2nkZATP91cMB75JYcHrliK8WK4K1fwsS8j7VAAN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WARPSTALKER.png
s0.2mdn.net/sadbundle/14688058458553530591/images/ Frame F0EE 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14688058458553530591/images/WARPSTALKER.png?1639492286394
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06b91d3ae0d243eb38fb7cbfb037a44510bafbe170e4aed079c70a7a5b5969a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14688058458553530591/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 18:00:15 GMT
x-content-type-options
nosniff
age
464544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19791
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 12:27:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 18:00:15 GMT
bids.gif
c.4dex.io/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=bsa-zone_1627508894724-7_123456&evt=auct_2000&ts=1640746959920&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&amts=ban&asizes=728x90%7C970x90%7C970x250&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&auct_start=1640746957726&auct_end=1640746958137&v=1&js_late=1&js_ts=1640746957917&navs_ts=1640746956442&partid=206203&bidders=adagio%2Cnobid%2Cappnexus%2Conemobile%2Csharethrough%2Cadyoulike%2Ctriplelift%2Cmantis%2Ccriteo%2Crubicon%2Conetag&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=188%2C319%2C185%2C183%2C181%2C180%2C179%2C312%2C178%2C395%2C174&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_Leaderboard_ROS_ATF&site=FileCR&subcat=&os=windows&brwsr=chrome&u_ts=1640746957&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=bsa-zone_1627508935810-9_123456&evt=auct_2000&ts=1640746959920&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&amts=ban&asizes=300x250%7C300x600%7C160x600&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&auct_start=1640746957726&auct_end=1640746958137&v=1&js_late=1&js_ts=1640746957917&navs_ts=1640746956442&partid=206203&bidders=adagio%2Cnobid%2Cappnexus%2Conemobile%2Csharethrough%2Cadyoulike%2Ctriplelift%2Cmantis%2Ccriteo%2Crubicon%2Conetag&cpm=%2C%2C%2C0.2496%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C1%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2CUSD%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C134%2C%2C%2C%2C%2C%2C%2C&bttr=188%2C319%2C185%2C183%2C181%2C180%2C179%2C312%2C178%2C395%2C174&sts=%2C%2C%2CBid%20available%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C160%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C600%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&crea_id=%2C%2C%2C409_26915%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2Cban%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_Sidebar_Right_ROS_Pos1&site=FileCR&subcat=&os=windows&brwsr=chrome&u_ts=1640746957&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=bsa-zone_1629214863639-0_123456&evt=auct_2000&ts=1640746959920&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&amts=ban&asizes=728x90&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&auct_start=1640746957726&auct_end=1640746958137&v=1&js_late=1&js_ts=1640746957917&navs_ts=1640746956442&partid=206203&bidders=adagio%2Cnobid%2Cappnexus%2Conemobile%2Cadyoulike%2Ctriplelift%2Cmantis%2Ccriteo%2Crubicon%2Conetag&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=188%2C319%2C185%2C183%2C180%2C179%2C312%2C178%2C395%2C174&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos1&site=FileCR&subcat=&os=windows&brwsr=chrome&u_ts=1640746957&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=bsa-zone_1629215045012-3_123456&evt=auct_2000&ts=1640746959920&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&amts=ban&asizes=728x90&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&auct_start=1640746957726&auct_end=1640746958137&v=1&js_late=1&js_ts=1640746957917&navs_ts=1640746956442&partid=206203&bidders=adagio%2Cnobid%2Cappnexus%2Conemobile%2Cadyoulike%2Ctriplelift%2Cmantis%2Ccriteo%2Crubicon%2Conetag&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=188%2C319%2C185%2C183%2C180%2C179%2C312%2C178%2C395%2C174&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos2&site=FileCR&subcat=&os=windows&brwsr=chrome&u_ts=1640746957&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=bsa-zone_1629215230348-3_123456&evt=auct_2000&ts=1640746959920&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&amts=ban&asizes=728x90&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&auct_start=1640746957726&auct_end=1640746958137&v=1&js_late=1&js_ts=1640746957917&navs_ts=1640746956442&partid=206203&bidders=adagio%2Cnobid%2Cappnexus%2Conemobile%2Cadyoulike%2Ctriplelift%2Cmantis%2Ccriteo%2Crubicon%2Conetag&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=188%2C319%2C185%2C183%2C180%2C179%2C312%2C178%2C395%2C174&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos3&site=FileCR&subcat=&os=windows&brwsr=chrome&u_ts=1640746957&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame A9CE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7px6tjo6ii6E31j6WRcj1OoiEdI833BGZrh1-Gh6fDib2WT62Te7AF7mKWuXQX3wfozJWlQSEEmBkQJ3aAiCp3ePbWtHpHGZwyT1kfFlSeO0PoCxX5g&sai=AMfl-YQLz3gNrjgJ4rxGWUO1hRZk5zTXKczd_1_jtnf1s3MG1x2b_MmQ82SPyXcaqgS4edDSAdlutReOCXOV2gM9Fy8jtadtN0bEbw9zRGz9-qpSczkMJ6tDyjXxKJqe&sig=Cg0ArKJSzCJprDi7k6-rEAE&cid=CAASF-RorVqvNA2e0T9D6MSacnRZDftFiapW&id=ampim&o=1073,453&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=209&tls=1214&g=100&h=100&tt=1214&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1436553605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7C2B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIygxXHHVT2_BYFKV5BZUf77iJ8oNa-Ga6BD7CI4A6GoVRhpW3JbiUPnjKzAOCsF0MLIs2FIG22X6mD3dTMjGPS2DM8WyvOmykON5NpndVyH6o03zPAg&sai=AMfl-YTBK2s1qrqAlm_U6IqRaXEU8LSYGK3_cvOSqklReCUNg2AF248blkgLB4C2lbPOQlwYSdvnRI-USys-EMalzMQgnoZ6278fqJrwJfT5gZoaW3uxMfuqwBaTXimm&sig=Cg0ArKJSzHnTngXinRmIEAE&cid=CAASF-Ro2CWFbkya0x7y_jkWyuy4tsQSOlk4&id=ampim&o=242,522&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=215&tls=1215&g=100&h=100&tt=1215&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1058625133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 74B2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Dec 2021 03:02:41 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 4CE8 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Wed, 15 Dec 2021 19:31:35 GMT
accept-ranges
bytes
etag
"32347ab14bd5257f1f3d2e210ba82276"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
G8yUZj2Ov0B6m/aEou3KBrX3vx5SaKt/9BVsfCiumvvmzZuXmo0CszzSqlhIWOC8VDOcK0Qmv18=
x-amz-request-id
16GAH19EHY1XC8S4
x-amz-meta-codebuild-content-sha256
8644b4f52d5a37b8f0b84f0bbcfa66f9e0f7f97407e4d25c13a055f86b22baed
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0897103a-6355-4b89-92f6-53a82b1da700
x-amz-meta-codebuild-content-md5
276cf0a41034befc9a603617ae1a1731
x-azure-ref-originshield
0Z0XLYQAAAAD8roidFvUvQYJfxUq6SP86TE9OMjFFREdFMDExMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
00c/LYQAAAADwm2Od6as0SpOiKTqW8qgPRlJBRURHRTEwMTUAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Wed, 29 Dec 2021 03:02:40 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 58F0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 29 Dec 2021 02:32:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 29 Dec 2021 03:02:41 GMT
Age
1827
X-Served-By
cache-lga21949-LGA, cache-fra19151-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 2330
X-Timer
S1640746961.176193,VS0,VE0
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 7FC4 		233 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1640746958054&secure=true&version=9&uuid=87237068-ec04-412e-bff0-c0f9aeeaf403&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8852dc4007339811b06753da707b4815bb8f2abb9e46eb84a7d6a77949638bed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
text/html; charset=utf-8
content-length
233
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"e9-GZ2E7tKvySh01E1LZd6JDT9X13Q"
/
onetag-sys.com/usync/ Frame 96BB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1640746957854
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 61C8
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/filecr.js?1640746800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
950db17a6f239c1d64d67c1c19719bdb972ac66a605bee1defaf625a6fa2eb6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
text/html; charset=utf-8
content-length
459
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
usync.js
eus.rubiconproject.com/ Frame 74B2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 03:02:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37629
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Wed, 29 Dec 2021 13:29:50 GMT
generic
match.adsrvr.org/track/cmf/ Frame 61C8 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=EEwhVDbfp&dongle=u6nf
eb2.3lift.com/ Frame 61C8
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=EEwhVDbfp&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=EEwhVDbfp&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=EEwhVDbfp&dongle=u6nf
date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 61C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIiYJk-M4owWPo82ybyK-v8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIiYJk-M4owWPo82ybyK-v8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIiYJk-M4owWPo82ybyK-v8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 61C8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMjQ1NjY2MjEyMzgzMDU5OTM%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMjQ1NjY2MjEyMzgzMDU5OTM%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAzMjQ1NjY2MjEyMzgzMDU5OTM%3D
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 61C8 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=10324566621238305993&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:40 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9CE2194570A948B5944385BB4122FCE7 Ref B: FRAEDGE0717 Ref C: 2021-12-29T03:02:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXUQCvLpJetBXqHpSayBA==
xuid
eb2.3lift.com/ Frame 61C8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/10324566621238305993?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-L_aJ5xZE2oSYkR1k4S3X7829aEayu4RQvdOQGST6CQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-L_aJ5xZE2oSYkR1k4S3X7829aEayu4RQvdOQGST6CQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-L_aJ5xZE2oSYkR1k4S3X7829aEayu4RQvdOQGST6CQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 61C8 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=10324566621238305993&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.132.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-132-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 03:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 61C8 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=10324566621238305993&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A238761B1074C2E945B5AB7B92B054A Ref B: FRAEDGE1221 Ref C: 2021-12-29T03:02:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 61C8
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=10324566621238305993
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10324566621238305993&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10324566621238305993&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SWDKFEWQBVM9PG01YHVC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=10324566621238305993&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 61C8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
async_usersync
ib.adnxs.com/ Frame 58F0 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c783a4b3-6ef8-472c-a2f4-b7d66afd53fd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fltiu.js
pixel.yabidos.com/ Frame 7FC4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=filecr.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1640746958054&secure=true&version=9&uuid=87237068-ec04-412e-bff0-c0f9aeeaf403&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Dec 2021 16:27:27 GMT
server
cloudflare
age
1535
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6c4fca7bfc8e42f1-FRA
content-length
1168
expires
Wed, 29 Dec 2021 05:02:41 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 7FC4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=34e83a71-ac15-43fc-a517-573939a26801
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=34e83a71-ac15-43fc-a517-573939a26801
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1640746958054&secure=true&version=9&uuid=87237068-ec04-412e-bff0-c0f9aeeaf403&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256
Protocol
H2
Server
35.174.217.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-217-176.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=34e83a71-ac15-43fc-a517-573939a26801
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
13926
g2.gumgum.com/usync/ Frame 1EE9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3ca15db6333a3b6187e052ba4950b4b90d74756ac69ab80760f797a0751b1918

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"08ba08cfcfb2153c8242d91588d84cb1d"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame F3F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Wed, 29 Dec 2021 03:02:40 GMT
/
onetag-sys.com/usync/ Frame 882D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 6ED1 		690 B
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
96288284d9baa3a18c4a649c9a7b2d77287d1160edf3cd5c65fb63485f1c912a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Wed, 29 Dec 2021 03:02:40 GMT
content-type
text/html
content-length
690
usermatch
ssum-sec.casalemedia.com/ Frame FF4C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ba23b65689961cdba26068d8bba46a44ba6fa5bc04023b676cb657eb8a2a6148

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|73|188|195|176|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1570
Expires
Wed, 29 Dec 2021 03:02:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Connection
keep-alive
sync
ads.servenobid.com/ Frame 4CE8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7225434384292486973
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7225434384292486973
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cb716a40-25cb-435c-96ec-a02534225b97
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7225434384292486973
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 4CE8
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 4CE8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1995151955
  • https://sync.1rx.io/usersync/tradedesk/34e83a71-ac15-43fc-a517-573939a26801
  • https://sync.targeting.unrulymedia.com/csync/RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
date
Wed, 29 Dec 2021 03:02:41 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf58d1f8b1e194ebdbd0190a6beb91f85003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame 4CE8 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.13.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-13-13.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame 4CE8
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5123196420901286746
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5123196420901286746
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5123196420901286746
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 4CE8 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 4CE8
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=813d5567-f0da-4ea5-b4bd-5e7d096a7d66&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=813d5567-f0da-4ea5-b4bd-5e7d096a7d66&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=813d5567-f0da-4ea5-b4bd-5e7d096a7d66&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 4CE8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-P8dSUM1E2uGORDhmHWRPwMzrcmZamstJ9KfW82M-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-P8dSUM1E2uGORDhmHWRPwMzrcmZamstJ9KfW82M-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-P8dSUM1E2uGORDhmHWRPwMzrcmZamstJ9KfW82M-~A
date
Wed, 29 Dec 2021 03:02:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
flimpobj.js
pixel.yabidos.com/ Frame 7FC4 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1640746961298&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=p7r1doonlp5j&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=filecr.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Dec 2021 16:27:27 GMT
server
cloudflare
age
2976
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6c4fca7c2cce42f1-FRA
content-length
24217
expires
Wed, 29 Dec 2021 05:02:41 GMT
pixel
cm.g.doubleclick.net/ Frame 74B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzEzN2NhMzUxNWE3NTA3ZjYzNDllZmZiZTg5NWVlMjA4ZDM5MmY1ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzEzN2NhMzUxNWE3NTA3ZjYzNDllZmZiZTg5NWVlMjA4ZDM5MmY1ZA
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzEzN2NhMzUxNWE3NTA3ZjYzNDllZmZiZTg5NWVlMjA4ZDM5MmY1ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 74B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbRkEtwyiQiMqpS5hMt_gk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbRkEtwyiQiMqpS5hMt_gk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbRkEtwyiQiMqpS5hMt_gk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 74B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YcvP0QABcWXrMwAF
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcvP0QABcWXrMwAF&_test=YcvP0QABcWXrMwAF
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcvP0QABcWXrMwAF&_test=YcvP0QABcWXrMwAF
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640746961.444411,VS0,VE0
x-served-by
cache-fra19162-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcvP0QABcWXrMwAF&_test=YcvP0QABcWXrMwAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 74B2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 74B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXQYDJBC-Q-JMKE&sigv=1&esig=2~3782bd80cda1e0154be95901d50402f850a1949a
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXQYDJBC-Q-JMKE&sigv=1&esig=2~3782bd80cda1e0154be95901d50402f850a1949a
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXQYDJBC-Q-JMKE&sigv=1&esig=2~3782bd80cda1e0154be95901d50402f850a1949a
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 74B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3njT9jXCHBfbrExhBWekVA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5097470543064967731
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5097470543064967731
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5097470543064967731
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 74B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hRWURKQkMtUS1KTUtF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 74B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
casale
match.adsrvr.org/track/cmf/ Frame FF4C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame FF4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 29 Dec 2021 03:02:41 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame FF4C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GFKCDHCS0V6PD68VQ27C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7DAAZ4EV7WV0803G5SDY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FF4C 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:dff7:6d91:8da4:96a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
CookieIndex
rtb.adentifi.com/ Frame FF4C 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.254.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-254-117.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame FF4C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ebb80216-4ab3-4a05-a045-2bd9aa9242a3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ebb80216-4ab3-4a05-a045-2bd9aa9242a3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Dec 2021 03:02:41 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ebb80216-4ab3-4a05-a045-2bd9aa9242a3
date
Wed, 29 Dec 2021 03:02:41 GMT
server
Apache-Coyote/1.1
content-length
0
113
match.deepintent.com/usersync/ Frame FF4C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:40 GMT
content-length
0
server
a
index
dmp.brand-display.com/cm/api/ Frame FF4C 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
last-modified
Wed, 29 Dec 2021 03:02:41 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Wed, 29 Dec 2021 03:02:42 GMT
sync
ads.servenobid.com/ Frame FF4C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 6ED1 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7740630433259304669&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 6ED1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=KRxk1EzJ5W1Q&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=KRxk1EzJ5W1Q&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=KRxk1EzJ5W1Q&ev=1&pid=560288&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-685df6f7b9-pjz5j
expires
-1
redir
rtb-csync.smartadserver.com/ Frame 6ED1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=ADnlKE7Dl6AAAEtrjHsDFQ&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=ADnlKE7Dl6AAAEtrjHsDFQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=ADnlKE7Dl6AAAEtrjHsDFQ&gdpr=0
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 6ED1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=GqjiG0__5UgBr7AdTf-sTxupt0ABqrFKSK6dzkCQ
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=GqjiG0__5UgBr7AdTf-sTxupt0ABqrFKSK6dzkCQ
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=GqjiG0__5UgBr7AdTf-sTxupt0ABqrFKSK6dzkCQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 6ED1
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7225434384292486973&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7225434384292486973&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
80c57316-cc95-4cdc-91b5-13a1e3e575fb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7225434384292486973&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vbl.gif
pre.glotgrx.com/ Frame 7FC4 		26 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1640746961370&rnd=p7r1doonlp5j&ifm=1&uai=1&cid=1041&s=filecr.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1640746958054&secure=true&version=9&uuid=87237068-ec04-412e-bff0-c0f9aeeaf403&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:76c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Dec 2021 16:23:59 GMT
server
cloudflare
age
3351
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6c4fca7ccd874eda-FRA
content-length
26
expires
Wed, 29 Dec 2021 05:02:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 7FC4 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1640746961359421&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=filecr.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=p7r1doonlp5j&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=4d40a17eeb0d15981cfbb4227c36c806&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=23&icp=https%253A//filecr.com/&irfl=23&irf=https%253A//filecr.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-10-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=19
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1640746958054&secure=true&version=9&uuid=87237068-ec04-412e-bff0-c0f9aeeaf403&title=FileCR%20-%20THE%20BIGGEST%20SOFTWARE%20STORE&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:76c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Dec 2021 16:23:59 GMT
server
cloudflare
age
6877
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6c4fca7ccd8c4eda-FRA
content-length
26
expires
Wed, 29 Dec 2021 05:02:41 GMT
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7225434384292486973
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7225434384292486973
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:41 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4c85ac3c-7b56-430f-84ac-b6d5dafed5d9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7225434384292486973
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6d60707b-f46c-48ff-9d11-78f46152ddec
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=6d60707b-f46c-48ff-9d11-78f46152ddec
  • https://rtb.gumgum.com/usersync?b=bsw&i=6d60707b-f46c-48ff-9d11-78f46152ddec
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=6d60707b-f46c-48ff-9d11-78f46152ddec
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=6d60707b-f46c-48ff-9d11-78f46152ddec
Date
Wed, 29 Dec 2021 03:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm
u.openx.net/w/1.0/ Frame 1EE9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28wxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&obuid=ENC(wxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3Dwxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8...
43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3Dwxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp%26uid%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:42 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3Dwxm99jZ-E768Tzz4ZJv0zJJNlX54wAFZI4Qnyck8R6YpybcMiGHohMjFD8zgI0wp%26uid%3D
Date
Wed, 29 Dec 2021 03:02:42 GMT
X-TraceId
48bdb3a23f8db00731c27f377b2832d9
Content-Length
0
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=4d462119-c6ee-48d5-8599-72a6f8a96c07
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=4d462119-c6ee-48d5-8599-72a6f8a96c07
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=4d462119-c6ee-48d5-8599-72a6f8a96c07
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-2cd3ef61-c47a-4400-67b0-3b0397e5eecc$ip$91.199.118.74
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-2cd3ef61-c47a-4400-67b0-3b0397e5eecc$ip$91.199.118.74
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-2cd3ef61-c47a-4400-67b0-3b0397e5eecc$ip$91.199.118.74
Date
Wed, 29 Dec 2021 03:02:41 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-bFcSU5JE2peJg.D281Z1d8k2BN1rIrzZSGxu~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-bFcSU5JE2peJg.D281Z1d8k2BN1rIrzZSGxu~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-bFcSU5JE2peJg.D281Z1d8k2BN1rIrzZSGxu~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=c9c0261a-6853-11ec-993e-eb5bec7e4584
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=c9c0261a-6853-11ec-993e-eb5bec7e4584
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=c9c0261a-6853-11ec-993e-eb5bec7e4584
Date
Wed, 29 Dec 2021 03:02:41 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
c9c0261b-6853-11ec-993e-eb5bec7e4584
services
sync.technoratimedia.com/ Frame 1EE9 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
120128582
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 1EE9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=k1cj8SIVmZWULBMlX7o0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22ZRMNVDQU2JKZWVUV2VJRBE23CYG5XTAJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=k1cj8SIVmZWULBMlX7o0&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=k1cj8SIVmZWULBMlX7o0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:42 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:42 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=k1cj8SIVmZWULBMlX7o0&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=dc2fdacf-c43e-4b8e-b5a5-125f2b9a21d3
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=dc2fdacf-c43e-4b8e-b5a5-125f2b9a21d3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=dc2fdacf-c43e-4b8e-b5a5-125f2b9a21d3
date
Wed, 29 Dec 2021 03:02:41 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003&rndcb=2213315336
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=6d60707b-f46c-48ff-9d11-78f46152ddec&google_hm=NmQ2MDcwN2ItZjQ2Yy00OGZmLTlkMTEtNzhmNDYxNTJk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEG8XJvKEESEZdlZ3qDGByEs&google_cver=1&ssp=adconductor&bsw_param=6d60707b-f46c-48ff-9d11-78f46152ddec
  • https://sync.1rx.io/usersync/bidswitch/6d60707b-f46c-48ff-9d11-78f46152ddec?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
date
Wed, 29 Dec 2021 03:02:41 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf58d1f8b1e194ebdbd0190a6beb91f85003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 1EE9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=lAAzrWCN5soI&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=lAAzrWCN5soI&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=lAAzrWCN5soI&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-685df6f7b9-qjhv5
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 1EE9 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-length
0
sync
ads.servenobid.com/ Frame 1EE9 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.244.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-244-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 9133
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=c52061cb-cfd1-4600-a448-0399dd0bfb45&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=c52061cb-cfd1-4600-a448-0399dd0bfb45&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 29 Dec 2021 03:02:41 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=c52061cb-cfd1-4600-a448-0399dd0bfb45&gdpr=0&gdpr_consent=
Expires
Wed, 29 Dec 2021 03:02:40 GMT
usersync
rtb.gumgum.com/ Frame 1BAF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YcvP0QABcWXrMwAF&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YcvP0QABcWXrMwAF&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YcvP0QABcWXrMwAF&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 varnish
x-served-by
cache-fra19162-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1640746961.477230,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3417 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mMzUxM2JiZi01YmNiLTRiZDUtOGIyMi0yMWZkY2M3ZTZkMmY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Wed, 29 Dec 2021 03:02:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1838 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=53064
expires
Wed, 29 Dec 2021 17:47:05 GMT
date
Wed, 29 Dec 2021 03:02:41 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 8FBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Wed, 29 Dec 2021 03:02:41 GMT
usersync
rtb.gumgum.com/ Frame 6583
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=34e83a71-ac15-43fc-a517-573939a26801&t=1643338961
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=34e83a71-ac15-43fc-a517-573939a26801&t=1643338961
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=34e83a71-ac15-43fc-a517-573939a26801&t=1643338961
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Dec 2021 03:02:41 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Wed, 29 Dec 2021 03:02:41 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
um
cs.emxdgt.com/ Frame 429D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Wed, 29 Dec 2021 03:02:41 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame A738
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YcvP0sCo8YQAAESP3.kAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YcvP0sCo8YQAAESP3.kAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 29 Dec 2021 03:02:42 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 29 Dec 2021 03:02:42 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YcvP0sCo8YQAAESP3.kAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
a-ad40343.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":27,"gdpr":true,"ipv4":"0.0.0.0","key":"YcvP0sCo8YQAAESP3.kAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40343"}
X-SO-Key
YcvP0sCo8YQAAESP3.kAAAAA
X-SO-IP
91.199.118.74
X-SO-Cluster-ID
27
X-SO-Upstream-ID
a-ad40343
usersync
rtb.gumgum.com/ Frame EA4B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=Y1x5ssw45UM0ZE4Jcyw5&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=Y1x5ssw45UM0ZE4Jcyw5&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 29 Dec 2021 03:02:41 GMT Wed, 29 Dec 2021 03:02:41 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=Y1x5ssw45UM0ZE4Jcyw5&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1838 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5512938&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame AF14 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 03:02:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37629
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Wed, 29 Dec 2021 13:29:50 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame AF14 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=KXQYDJBC-Q-JMKE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1627508894724-7_123456&evt=start&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1627508894724-7_123456&v=0&tz_off=0&js_late=1&js_ts=1640746957917&size=970x250&pbjs_sizes=728x90%2C970x90%2C970x250&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4623&pg_paused=0&pg_exp=4623&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1640746956442&trgr_ts=1640746958614&init_ts=1640746958615&start_ts=1640746958616&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=800x3100&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_Leaderboard_ROS_ATF&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=970x250&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1627508935810-9_123456&evt=vsbl_actvw&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1627508935810-9_123456&v=0&tz_off=0&js_late=1&js_ts=1640746957917&size=300x600&pbjs_sizes=300x250%2C300x600%2C160x600&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2902&pg_durat=4658&pg_paused=0&pg_exp=4658&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=93&clk_time=&reset=0&adsrv_adu_exp=2678&navs_ts=1640746956442&trgr_ts=1640746958651&init_ts=1640746958652&start_ts=1640746958652&reset_ts=&vsbl_ts=1640746959802&adsrv_vsbl_ts=1640746959844&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=1073x453&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_Sidebar_Right_ROS_Pos1&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=300x600&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1629214863639-0_123456&evt=vsbl_actvw&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1629214863639-0_123456&v=0&tz_off=0&js_late=1&js_ts=1640746957917&size=728x90&pbjs_sizes=728x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2902&pg_durat=4659&pg_paused=0&pg_exp=4659&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=193&clk_time=&reset=0&adsrv_adu_exp=2678&navs_ts=1640746956442&trgr_ts=1640746958652&init_ts=1640746958652&start_ts=1640746958652&reset_ts=&vsbl_ts=1640746959802&adsrv_vsbl_ts=1640746959928&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=200x522&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos1&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1629215045012-3_123456&evt=start&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1629215045012-3_123456&v=0&tz_off=0&js_late=1&js_ts=1640746957917&size=728x90&pbjs_sizes=728x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4659&pg_paused=0&pg_exp=4659&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1640746956442&trgr_ts=1640746958652&init_ts=1640746958652&start_ts=1640746958652&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=200x1540&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos2&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1629215230348-3_123456&evt=start&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1629215230348-3_123456&v=0&tz_off=0&js_late=1&js_ts=1640746957917&size=728x90&pbjs_sizes=728x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4660&pg_paused=0&pg_exp=4660&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1640746956442&trgr_ts=1640746958652&init_ts=1640746958652&start_ts=1640746958653&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=200x2558&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos3&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:41 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
async_usersync
ib.adnxs.com/ Frame 58F0 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Dec 2021 03:02:42 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
99086d8d-6899-4db8-a5ca-ab9e52b51970
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
admin-ajax.php
filecr.com/wp-admin/ 		15 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://filecr.com/wp-admin/admin-ajax.php
Requested by
Host: filecr.com
URL: https://filecr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27, PleskLin
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://filecr.com/en/?id=94640144256
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 29 Dec 2021 03:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.27, PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ntsao%2BdwNLaXqdO4F1mQtgncEnGDV31VHBsgxf5kpKBP00f%2BA4N1CK150pyBbDgo58qDvujfOE0%2Bw%2FDl5o8Q1dJRsya7YBNt2li5cKf0c%2BwELeH%2FatH0GuZNH78RKFn35cfWgJG4sJU"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://filecr.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c4fca885b055c14-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1627508935810-9_123456&evt=exp_chg&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1627508935810-9_123456&v=1&tz_off=0&js_late=1&js_ts=1640746957917&size=300x600&pbjs_sizes=300x250%2C300x600%2C160x600&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6093&pg_durat=7811&pg_paused=0&pg_exp=7811&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=93&clk_time=&reset=0&adsrv_adu_exp=5869&navs_ts=1640746956442&trgr_ts=1640746958651&init_ts=1640746958652&start_ts=1640746958652&reset_ts=&vsbl_ts=1640746959802&adsrv_vsbl_ts=1640746959844&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=1073x453&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_Sidebar_Right_ROS_Pos1&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=300x600&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:44 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=bsa-zone_1629214863639-0_123456&evt=exp_chg&pv_id=928ba565-465e-46f7-8884-f868ce01c5e3&adu_el_id=bsa-zone_1629214863639-0_123456&v=1&tz_off=0&js_late=1&js_ts=1640746957917&size=728x90&pbjs_sizes=728x90&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6096&pg_durat=7812&pg_paused=0&pg_exp=7812&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=193&clk_time=&reset=0&adsrv_adu_exp=5872&navs_ts=1640746956442&trgr_ts=1640746958652&init_ts=1640746958652&start_ts=1640746958652&reset_ts=&vsbl_ts=1640746959802&adsrv_vsbl_ts=1640746959928&auct_id=769c7910-8c9c-4ca8-a8b8-513a5fca628a&featv=1&pn=1&pg_dims=1600x3703&vp_dims=1600x1200&dom_l=266&adu_pos=200x522&u_ts=1640746957&dvc=2&url=https%3A%2F%2Ffilecr.com%2Fen%2F%3Fid%3D94640144256&brwsr=chrome&os=windows&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1116&pgtyp=&plcmt=FileCR_S2S_InContent_ROS_Pos1&site=FileCR&subcat=&adsrv=dfp&adsrv_advrt_id=13383540&adsrv_cmpgn_id=2706385359&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.13.14
Requested by
Host: filecr.com
URL: https://filecr.com/en/?id=94640144256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://filecr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:02:44 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEKdcJQFV5CuoHAC0qc9Yq-Y&google_cver=1&google_push=AYg5qPLj9Q-YFhJeiQQbkUPTEWC6h_Bup3FFX1J5ou1sJi66tUpeSW_HEc13kdM8p7so2kaDJIK2Qwmr10f-HuFCD2CovFZA0Q-y
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue object| cppVars undefined| $ function| jQuery object| advads_options object| advads number| advadsCfpExpHours number| advadsCfpClickLimit number| advadsCfpBan string| advadsCfpPath string| advadsCfpDomain object| advadsCfpQueue function| advadsCfpAd object| _mNHandle string| medianet_versionId string| medianet_chnm object| medianet_misc function| gtag object| dataLayer object| adsbygoogle object| diVtYLhBwbkJOS$r42e function| _0xe71c function| advanced_ads_check_adblocker object| advanced_ads_responsive number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| twemoji object| wp object| __SVG_SPRITE__ object| ratingPlugin object| Confirm object| notification object| ShPublic function| updateQueryStringParameter function| setCookie function| onlyUnique object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| advads_admin_bar_items object| advads_has_ads object| advadsProCfp object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| _mN object| _mNSrv function| setup string| _mN_Idf undefined| _mN_ctr string| _mN_ctrM object| mnjs object| hbCMBidxc function| _cR function| _cD object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| bsagpt object| bsaheaderbid object| googletag function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s object| google_tag_data string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp object| Criteo object| sas object| apntag object| _ADAGIO string| mantis_uuid object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_js_items object| GoogleGcLKhOms object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_116 object| Criteo_prebid_116

77 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQoJKPoeAvCgoI4gEQoJKPoeAvCgoI5gEQoJKPoeAvCgoIhwIQoJKPoeAvCgkICRCgko-h4C8KCQg6EKCSj6HgLwoJCAsQoJKPoeAvCgoIjAIQoJKPoeAvCgoIngIQoJKPoeAvCgkIXxCgko-h4C8=
.mrtnsvr.com/sync Name: userId
Value: EEwhVDbfp
filecr.com/ Name: PHPSESSID
Value: 63uofugv2e68c6cqho3mchqpm6
filecr.com/ Name: advanced_ads_browser_width
Value: 1600
.filecr.com/ Name: _ga
Value: GA1.2.1477690717.1640746957
.filecr.com/ Name: _gid
Value: GA1.2.1272224741.1640746957
.filecr.com/ Name: _gat_gtag_UA_139662474_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmcyHptAiVda_Vi8e1Eud9GWly6KBv4rH-cAC8oiBpGxsE6Fj1Bf-iO_d6fFyw
.rubiconproject.com/ Name: rsid
Value: 1|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.rubiconproject.com/ Name: khaos
Value: KXQYDJBC-Q-JMKE
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bFaWzloMzC/IKQ/Fn9jJ2Tlph+Ceuqbr/fkq7MVXQlZn9sya/7CBUiqANnOER36PY/ggJ3pD4CYm1IAbBVu7i8M0A+VO7RH1E0=
.doubleclick.net/ Name: DSID
Value: NO_DATA
.filecr.com/ Name: __gads
Value: ID=ee53b8d6452621f4:T=1640746957:S=ALNI_MbPAs46Zb7U9mjDENJxBrxE6XLk2Q
.adnxs.com/ Name: uuid2
Value: 7225434384292486973
.casalemedia.com/ Name: CMPS
Value: 3252
.criteo.com/ Name: uid
Value: 22907fe8-fcf6-40a0-a472-639ff021c102
.yahoo.com/ Name: A3
Value: d=AQABBM7Py2ECEK69fbmwr4VSJ5DUYhgBXbkFEgEBAQEhzWHVYQAAAAAA_eMAAA&S=AQAAAti_5gJnBJaAAEvNMnTCqYY
.casalemedia.com/ Name: CMPRO
Value: 1174
.casalemedia.com/ Name: CMID
Value: YcvPzyZtjvbL1RXKY0SD5QAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Ux4PIX!]tbPl1M>e)ZlrFUfJ+tGXvWB[GOV%V>IH.=821.E_EGwMx/P+[829+qmk@`*bpRz*qF1`*b_b$*0?Ow
.media.net/ Name: visitor-id
Value: 2837485599860222000V10
.media.net/ Name: data-g
Value: CAESED-JT1FBo_Lz1WciDi7jWSU~~3
.sharethrough.com/ Name: stx_user_id
Value: c88b38de-3182-4664-b61c-31371009b76f
.filecr.com/ Name: cto_bundle
Value: rYE9PF9CSEcwUlR4U2lackxhOFFLNHF4UEZjOGVnU2sxakZIeVFiaUd5Q2xob0JDbGxKMFpQVWtGOE03cUNOV0lYVFBNRVp3ZEVXWlo0ZFdJZWJkWHdlb2cxYmtXWVVwTTV3UGpjVVklMkYzaTdNSkpzcnhYZW0yOUdIcXhvcTNkeVRsbXIyZklEWnNsSjNpZGIxN01sRyUyRmJ0U2J3JTNEJTNE
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B995CA7C-8D48-4FD8-825E-3481BE7DB86C
.3lift.com/ Name: tluid
Value: 10324566621238305993
.bing.com/ Name: MUID
Value: 06CB41ACBAFF6C52351650B0BB2D6D14
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~22cr:196n~22cr"
.casalemedia.com/ Name: CMST
Value: YcvPz2HLz9EA
.smartadserver.com/ Name: pid
Value: 7740630433259304669
.adsrvr.org/ Name: TDID
Value: 34e83a71-ac15-43fc-a517-573939a26801
.servenobid.com/ Name: pid_312
Value: 7225434384292486973
.servenobid.com/ Name: pid_337
Value: y-P8dSUM1E2uGORDhmHWRPwMzrcmZamstJ9KfW82M-~A
.lijit.com/ Name: ljt_reader
Value: 540005bacd25ec6ead3cbe62
.servenobid.com/ Name: pid_317
Value: 7740630433259304669
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ddd10a93-6087-4c1b-845a-a04048b8246f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDA3NDY5NjE7MjswMjGzp7Wr3MPCBwNFa6TGmBAxhyOeEs2/CHti7bs38CsApw==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2482:u=1:x=1:i=1640746961:t=1640833361:v=2:sig=AQGv1bNtFugH8EbhW0izi7LfeJo_vBBI"
.servenobid.com/ Name: pid_333
Value: YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0Mja0NDMxMrA0MDSyMDM3MRPiM9RNKc40zog0zc0OTkwBALCUGK8lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADslzmtoZmJgbmJmaWZobGkCACTRUx8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0Mja0NDMxMrA0MDSyMDM3MRPiM9RNKc40zog0zc0OTkyR4jU0MzEASliaGRpbmgAAmRkuxDQAAAA
.quantserve.com/ Name: d
Value: EEMBDQGJJYir0QA
.quantserve.com/ Name: mc
Value: 61cbcfd1-61daf-67069-303d7
.servenobid.com/ Name: pid_324
Value: 5123196420901286746
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YcvP0QABcWXrMwAF
.gumgum.com/ Name: vst
Value: e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003%22%7D
.bidswitch.net/ Name: tuuid
Value: 6d60707b-f46c-48ff-9d11-78f46152ddec
.bidswitch.net/ Name: c
Value: 1640746961
.bidswitch.net/ Name: tuuid_lu
Value: 1640746961
.servenobid.com/ Name: pid_321
Value: RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003
.openx.net/ Name: i
Value: 69d7ba30-477c-4f74-b834-aaa354de5ebc|1640746961
.servenobid.com/ Name: pid_309
Value: e_f3513bbf-5bcb-4bd5-8b22-21fdcc7e6d2f
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwj2zfWNzaClOhAFOAFaBmd1bWd1bWAC
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidr.io/ Name: bito
Value: ADnlKE7Dl6AAAEtrjHsDFQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.creativecdn.com/ Name: u
Value: Y1x5ssw45UM0ZE4Jcyw5
.creativecdn.com/ Name: ts
Value: 1640746961
.mathtag.com/ Name: uuid
Value: c52061cb-cfd1-4600-a448-0399dd0bfb45
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f58d1f8b-1e19-4ebd-bd01-90a6beb91f85-003%22%2C%22nxtrdr%22%3Afalse%7D
.postrelease.com/ Name: opt_out
Value: 1
.a-mo.net/ Name: amuid2
Value: 813d5567-f0da-4ea5-b4bd-5e7d096a7d66
.360yield.com/ Name: tuuid
Value: dc2fdacf-c43e-4b8e-b5a5-125f2b9a21d3
.360yield.com/ Name: tuuid_lu
Value: 1640746961
.servenobid.com/ Name: pid_327
Value: 813d5567-f0da-4ea5-b4bd-5e7d096a7d66
.casalemedia.com/ Name: CMRUM3
Value: 2761cbcfd10b40&c361cbcfd12760av-ebb80216-4ab3-4a05-a045-2bd9aa9242a3&bf61cbcfd105a0&b061cbcfd105a00&2d61cbcfcf2760CAESEJFxmdfqh8X8LuKYMEnGH_c&4961cbcfd105a0&e661cbcfd12760&bc61cbcfd105a00&f161cbcfd105a0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 092efeca3ecc09d0
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.zemanta.com/ Name: zuid
Value: k1cj8SIVmZWULBMlX7o0
.ipredictive.com/ Name: cu
Value: c9c0261a-6853-11ec-993e-eb5bec7e4584|1640746961803
.outbrain.com/ Name: obuid
Value: b77188fb-6a54-46db-80ab-cc6feec8cfba
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2cd3ef61-c47a-4400-67b0-3b0397e5eecc.xSejQ8Td14%2BExQw1w06h7VaIMFbaPpI0CD7aokGyR5I
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-2cd3ef61-c47a-4400-67b0-3b0397e5eecc%24ip%2491.199.118.74.Z48vg5mAyHGqQwTsz1u%2BsJnPBzJTQZLHtw%2B7PIRFmc8
.smartadserver.com/ Name: csync
Value: 92:KRxk1EzJ5W1Q

9 Console Messages

Source Level URL
Text
deprecation warning
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEKdcJQFV5CuoHAC0qc9Yq-Y&google_cver=1&google_push=AYg5qPLj9Q-YFhJeiQQbkUPTEWC6h_Bup3FFX1J5ou1sJi66tUpeSW_HEc13kdM8p7so2kaDJIK2Qwmr10f-HuFCD2CovFZA0Q-y
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJv6QH4txLco-LCSTfotw-nosqHmtPCF_w0WlfCabwzioH0bJe3iU9L-7jHOeFrxE4XE2_bkkQVrqCOnfrkwrrwceURHQc
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcvPzyZtjvbL1RXKY0SD5QAABJYAAAIB&google_gid=CAESEKX-T4ZqLg6oUvDiU0X3hT0&google_push=AYg5qPKDUnObafuutNJw9mRrRXwPCHjGShBg7nBCAS05mdzL9NV0ID8OYj2XHrm6l62LsqD-AS_cBMoac9AGJptdFFnZg2MApBNx&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=EEwhVDbfp&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d43f5054cf401881a4b651293a87ee9.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
btlr.sharethrough.com
c.4dex.io
c.bing.com
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.media.net
dmp.brand-display.com
dsum-sec.casalemedia.com
eb2.3lift.com
ecs.mantisadnetwork.com
eus.rubiconproject.com
fastlane.rubiconproject.com
filecr.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
i0.wp.com
i1.wp.com
i2.wp.com
i3.wp.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
jadserve.postrelease.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.33across.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
webcrx.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
sync.adaptv.advertising.com
104.109.78.125
104.111.215.191
104.16.200.58
124.146.215.43
142.250.185.130
142.250.185.66
147.75.38.124
150.136.25.38
151.101.129.108
151.101.66.49
157.90.157.235
172.217.18.102
178.162.133.149
178.250.2.131
178.250.2.146
18.195.132.244
18.195.155.181
185.184.8.65
185.255.84.151
185.29.132.241
185.33.220.216
185.33.221.88
185.64.190.78
185.86.138.131
192.0.77.2
193.0.160.129
198.148.27.139
199.187.193.185
2.18.233.180
2.18.234.21
2.18.235.93
2.19.35.65
209.54.176.128
213.19.147.44
216.52.2.19
216.58.212.162
2602:803:c002:200::42
2606:4700:20::ac43:4bf1
2606:4700:3031::6815:4efc
2606:4700:3035::6815:5fcf
2606:4700::6810:135e
2606:4700::6810:76c3
2606:4700::6812:272
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a02:2638:1::3
2a02:2638::1c
2a05:d018:d29:3601:dff7:6d91:8da4:96a3
3.126.56.137
3.127.31.101
3.33.220.150
3.67.115.59
34.102.163.6
34.199.172.6
34.246.244.131
34.251.173.19
34.95.81.22
35.156.28.35
35.171.214.154
35.174.217.176
35.186.253.211
35.241.40.233
35.244.159.8
35.244.174.68
38.91.45.7
50.19.13.13
51.89.9.251
52.215.67.233
52.28.203.152
52.31.83.126
54.172.254.117
54.85.186.77
64.74.236.95
67.202.105.21
69.173.144.139
70.42.32.31
76.223.111.18
94.31.29.32
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b91d3ae0d243eb38fb7cbfb037a44510bafbe170e4aed079c70a7a5b5969a6
0afd160f95b6b1a85d3a4ba4af582d3b58e7dca5fc45dfe47478739a86d8e2a5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e88ad62ff0a0c72ef67e1daf40764b12861d27f3c7d1ddce8e7124d69621d59
11cd1e1d49bf0a95c35aeb868dd4673260a225078ed2e054ed0fa6a8cb64e99e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
15e116457c9d49a0e37d9128e98dd0da56c3413408aeb2e49903e490e98fc7c7
16a1666c3c3932f35a8875de439142ddcc0e994930c51dbf925e8bdbee0b6585
16b9e32d2030053b8337c5597c606a4903c783429172b9b47375821b60eb8c19
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1a3f754cff28acfc0c470089aa5b73be44b89006fb14faff256aa130f53cb2bd
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c61a31466f21adef51634ed9a8bfd6b994b1984873956c6e17a3ecfbc87e423
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
208a74702f09b74f87678094c9cf767ba99c4f9fb31162b8edb0970ceee57f28
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
232c119ef7536bf0ffa8d987539dc33fb63a80c2121249d6231a543c3315b8f3
242f551a90edac6a77c2f145b5a05b88d7f321a78873f3b3d19d7c8270041657
27fe98956f9598d6c35cf91f5c3a4b075fdb7ef04989b2b3fa2de3a4ca794269
2a45970eb74a040768676a86704e55b79ea3c4efbe8fc40e9ec2bc88ab176272
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2eb904635f4a0a4fcd66a4ae7d124d6f0fc8083da97a8292eb31357e17845783
2fd2ade140efbafe72c97a7d770ca2b2b62b183e1cb8a752c2652838da4170d9
308c252b2381b887baf74268990c582643dbdaad9e9b332d158112745e2c65ea
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3988a5ace544c389b7f01ee68dded5ef0c28b08f14d622aca08da1df9f876d58
3b28406a6db1220af1f6a30f665513ad88f333659d109f27255cf51984e972d8
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c35a783283c24174cbcb703221dcd86b5b88162ebd297f45e5333f2d93bbfae
3ca15db6333a3b6187e052ba4950b4b90d74756ac69ab80760f797a0751b1918
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d62ad2bf23457cce43360d37b6e14d12a003ad18628b0f2be1615753094cd5d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3d7c4dbc2c2348f475e685fb7f298dbc2f969d7d9433ece7b42d828f3bfdcf4c
3dbfe6eda0abf69eb1901f4696d5daf4e276cb6dd8c30dfaa26b724b60251635
3e4609b61e3f7b1135d9d5dac5113fdeccf8085478d37cea8ea11cf63034e8af
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d3ce2a2f381bf2dc39ec4aacf04987e8e56abfbde41b59d95c7179e100682e
422322a5b664a67b41d5548903029f24d41665edf71afa39bc31dc5b03c668c1
4266f0f2dac5a75d4783f6cc002e2ffebe1e91c37cc771138a24ff7522034108
43ff7cbe7e15591cba55f6b29127a9c9a3b1ed48264c165eaaeebd7c36524498
461bf6010d38c8b7226b73182e7aa4b490cae4a193674a9c0c91838746dee863
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496b171eb6d2f0b2a00351d2c4d159094af7a45c0add41c86adad921b06afc88
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2ad65c1695343ba8108ac9ad46ad52fb45cf848feac2a9a359496bd447e2a5
4c4b6f136650f05a959e2fdd9a633160ef27cb06eac003727573ca4f2309cd6a
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ad1caf60fbffae863420db4245b613cfd4793d9fe8cf36b45cf6c95c5819ea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57431d2af8e927302881ea9960a8da63a7bfcd9e952b6a0772e744e6a5fba552
574f5dc48c403fa7ede2cb0e9bcbc979c2cdf658c2268a4744140f5f174d3e93
59a9469112bdcd4a7fe4a61a5c96d4dd99e04980c9e87a53b863cd4875ea40aa
5b511d9e1b80fc5226b95db7163515ac42c366b14d2eb30431d71c040c89f297
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c09582809757e983f15242f26de4a6f316c87e19ed98800dfee0071820c9b31
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ec0be71516d6508e7cf7c1bbde09efe67844ccd5356366b23fb2975a42ecea9
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60a021aa4820ca71fb46e8982955c578f4d6c87cfad49471f31f0fccce14c8e5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69a736c89783c7b121b99b49692d5c7875cf00c545b101d311ba38c94385470d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc38fed4254a74bd74c738a6dd959a672b9f67e43b651bf871495a47689cb25
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
71f583214fcb1560b3ad698a28a9d949c28f879167c163b3d82ccd391ef8e5bf
7a31b0310331c8959b07a0fffd3bcbc1d7b67100ad78576323a5a0136146a080
7baa8e557147bb60094be17c07ac1ddd6a2e164f525e76f67c548b02739d5a14
7d12ab45eb8649df73cf0d922a29846477bcf22be6ba259ae5443c86b52a9211
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
829c4d5174ddbea97221dafff61a7a208a132f0ecdc7196f1b7011427b34e59f
867929a5db83737a5849a31f013a188b9522e6a0b8455bf9ff4f4c2d9aae624b
8756cacc6f527aa5544e5be7947428723a36be71624a337315c4e4a761edcae0
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8852dc4007339811b06753da707b4815bb8f2abb9e46eb84a7d6a77949638bed
89e267039d32f778ee14f762d623290ef56cc3965c0d8843a9f81d5748322d72
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7126b46a60d4a6b9bf33541fc5d8860f0cbf4d38fd3b0f499805ce9274519e
8af0b5fd87f0cf0c57915fb6094244ca5c108f21c063fd6917ee809259ae3a97
8ccfef2dc947d705894faaf1c30358c3d1b2264f149bc3e4ee1475348f9c6ad1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f163fdb0d575831a79f5c34111a9d3a1a71d564e643fd08ef4495791743d13e
8f8d5fcd4681ac486397403560d37ea970005d65e965705c193e1e6dc02d7d72
8fc00d8824032a8e3e17e51a2e38afd6ab6d5aac1e796ed36ccc6a728440cb9c
9083eeab46df9f2cfe1548a485742acce97708d8ff901728e692ed9ba6c8e9a9
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
950db17a6f239c1d64d67c1c19719bdb972ac66a605bee1defaf625a6fa2eb6e
96288284d9baa3a18c4a649c9a7b2d77287d1160edf3cd5c65fb63485f1c912a
96636a86ef33b2addb28845a0de84cb1a954fac692ceceae47b18be3807dc955
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
995dfb0c839090c9461662fca31b3d886f80dd9e881db8ea224374866eade55f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa257c1850506a2fae07305fd07b9fd30da894d386d3775581b947324c2b577
9c243f28e05a28a4ad9180436c1bf4aa6962dec59e38574870059ab303826181
9c5adcaac4bdb1cba54363c8a196177f284017c646c001c07f1cb18d1bb42bee
9c73c5d7e25b6d4bf59b4b87c7cf14d33f0706d36117f231a508bbea85d807b0
9c7f834e42777c25fb6b348a3286ec5d676cdaee610543617c4a9714fcf7dd15
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a37f38de0c5a8a258367fe5c99672629ef0b6475e172e94972e11b296c59aa28
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74f6799343afa74391d7dd24a0a1b505cdf058388ee6eda58ca1dcd646c8ab5
a7a919a68bb4a4ef175504f2bd82d909a5f752bb16cb05e2e5ce607243b29b56
a7b48512042ec39fd8291af5a7ce7004091be27f41efb7122f59820e3ff6ba31
a8db4471eb486bf6ce704a780699beaf321edbc03e9a711a4d12b0089a3f2092
a969b6aad84c69a5a60aa38b1dc211818c0b713f020ae274424e7546c4169501
a99d9a63bc96ec98b7e05f106603236b4d6f5b53bd9d4ebabb25543047b35bef
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd669956964821a13f74ee0786b8d93b4a6a7c4507e5926dd9d741b239fb9a5
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b121affca12c60f2656a8f62a191dcac68eb7aa3edd4f9b50d1cde2af7e7aefb
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1af9aaef658c2ddc16c0fe26521401658b8002a70c28fefcabfec92ec168edd
b1ba6432aa3f21e613c61c873ad4cc9167bc74f2ab29a5cf4b94ea981794978f
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b9a45dc508beae2b71cc348cb32b4a65950db4fcc2b12e6629f8a3e0d2600dad
ba23b65689961cdba26068d8bba46a44ba6fa5bc04023b676cb657eb8a2a6148
ba4c36326ae38fc378e6fbc3321fcd4729d0fe8b7c58840615c035d429d288de
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9bbca62474487d6bfcfd88a8da5d165633d0ccdeb4ae5ecbc9ae963575877b
bbfd30e5fd2bd475d319b5b55ab61469966d1517b703f9bd830a6f3207387c27
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be5f701f37218795787c585bdac8050f748447d710da0bdf08a22f15ee7b119e
bf1bcf9639febe995799b0428801b7af38d5fd7e3b7249e7a9da6314903d1817
c03a0c272ac4982cee8a10ba55930a4abf2612c8795f39810c8a22364de7c8cb
c04ce8a839e765f19221355c9e912cca1a1e472d2a9e4f0a1d7a921ec9fdd1ec
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2605b319ff5cdee21d71e6b7cf0a187464bafa48b2ba4947bbd52ca1991bb8e
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5c9293a7bd9fb7e0f9d30e981977350a6ae08773847d1af5d3f6abe971caee9
c80fbc0bd29928126e35c65b182e5d72f3d8eb626ccd0779782ee4add38a01c6
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
cc8323b394e8c8422322298c0c2a8564836788c84ceae9150f1410e41bcd5f29
cd2002cdf21b9a1c068b3b6f24ece6d21d00ecdf3b14de9b37372425e8045e90
cd4bc3d38632c492c786a8aee8289354144e0fe91f2844cf3013a95a9ad4873c
ce63599b0115e8324f6d6dc9dec70b1d3de8a698bab284117f36aade0b1debd9
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d4996b52af6d07e8ed85e129fe2d1a9938bf1a1dcea880cb6ec28d541e2c98b4
d63efc31a49898c1e52807c13879e2183b7611543614806100364fbd59f135d2
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d9c7ced652c966659825962b2c0f79ccbb36d535bb4a61c2ea175eb105690878
db285186cc9299e8485e3836d503b40bcb4356ca86dfea93564f8ee18983d297
de81c47e236c866617601f020aa348c429f1472d8b69249935aa21b29448889f
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2272849553d0470730d49d839a706ed151b7dfbd29fb13f37919d4c273f1ee4
e2b0c644e90d90d54a55d3c7dd7dde3f8897a92f18ee6d69d74d5cab0167405e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e419d951c819c052caee51f95ea700755fd436c974aafdef2097c8ba48b5753c
e60ebb7a34b9e7d06c9c4ddf4a44eb523b03f2826b34159f04a86996625c0a21
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93eef9c7695bfd0ed8d07107dc973bbd0e82710dc0de0ffb4f0fae868e84f07
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ec21054660972f2c675da1813bb366e182e7feb94db3086a5f7e694ed68a9213
ec9f2d07e957d112e0a80e5a33439184d9c87a8df31ed2cbc3256a9c293e0e0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1a571cc5fc9fe2069da0071a92a9a5516eadb17861a0ae3703ccb57517acfb
f312a20c6132b5c1b0ea46ee9d034b4ad198ceefbcf46b8e22672d4604182da5
f3adfda563caf8269abcdfa2b4ea2f93e35668c95a6861115350fcd361d9e57c
f4a15f094792a316a0edfea7d51004147efc1e73a71513929fc299629f0ec759
f5ef63bcd883c3e6ecca9a17785b10ee897b51aec76328706887ceb220742d71
f903b0e68ac1cb80ad56c6da32fa545314baa698fb8f2e6a65b8e33fca427d96
fb776e64506f9d686d536116260ced0186d8ea5f4c7f8360bca19bd18c6862ec
fc1ff38f1bca2b62914aa0295958396d8c3ace42dfd9e53be5c53a860f8f206f
fd805f81a7a8619b5d73bd2dfd2947f185c08bfda8ab58bfe093bcf4fd403849
ff4160d615f9b36447961bdb3f9d364c564132f25415e95ce8b92f44eccfae54
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914