fastshare.live Open in urlscan Pro
2606:4700:20::681a:877 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fastshare.live/
Effective URL:
https://fastshare.live/
Submission: On June 12 via manual (June 12th 2023, 7:48:27 am UTC) from CZ — Scanned from DE

Summary HTTP 64 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 8 countries across 15 domains to perform 64 HTTP transactions. The main IP is 2606:4700:20::681a:877, located in United States and belongs to CLOUDFLARENET, US. The main domain is fastshare.live.
TLS certificate: Issued by GTS CA 1P5 on June 1st 2023. Valid for: 3 months.

This is the only time fastshare.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:20:... 2606:4700:20::681a:877	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223f:6400:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	99.83.169.100 99.83.169.100	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	3.125.12.184 3.125.12.184	16509 (AMAZON-02) (AMAZON-02)
9	3.120.85.171 3.120.85.171	16509 (AMAZON-02) (AMAZON-02)
1 1	194.213.62.34 194.213.62.34	13036 (TMOBILE-) (TMOBILE-)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
4	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	52.218.44.114 52.218.44.114	16509 (AMAZON-02) (AMAZON-02)
2 2	52.58.181.73 52.58.181.73	16509 (AMAZON-02) (AMAZON-02)
64	16

14 2606:4700:20::681a:877 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fastshare.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:6400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.169.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.12.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-12-184.eu-central-1.compute.amazonaws.com

trx.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.120.85.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.213.62.34 (Spomysl, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid3.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.218.44.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

joyn-creative-hosting.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.181.73 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-181-73.eu-central-1.compute.amazonaws.com

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154	107 KB
14	adscale.de js.adscale.de — Cisco Umbrella Rank: 6859 gaa.adscale.de — Cisco Umbrella Rank: 168298 trx.adscale.de — Cisco Umbrella Rank: 50092 ih.adscale.de — Cisco Umbrella Rank: 3009	28 KB
14	fastshare.live 1 redirects fastshare.live	2 MB
6	gstatic.com fonts.gstatic.com	48 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 362 cm.g.doubleclick.net — Cisco Umbrella Rank: 248	38 KB
4	amazonaws.com joyn-creative-hosting.s3-eu-west-1.amazonaws.com — Cisco Umbrella Rank: 371478	115 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	121 KB
2	m6r.eu 2 redirects tracking.m6r.eu — Cisco Umbrella Rank: 10488	1 KB
2	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3786	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1360	2 KB
1	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 548	442 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	55 KB
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 602	550 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 385	265 B
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 11764	201 B
64	15

	Domain	Requested by
14	fastshare.live	1 redirects fastshare.live
13	pagead2.googlesyndication.com	js.adscale.de pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fastshare.live s0.2mdn.net www.googletagservices.com
9	ih.adscale.de	js.adscale.de ih.adscale.de
6	fonts.gstatic.com	fastshare.live
4	joyn-creative-hosting.s3-eu-west-1.amazonaws.com	s0.2mdn.net joyn-creative-hosting.s3-eu-west-1.amazonaws.com
4	s0.2mdn.net	fastshare.live s0.2mdn.net
3	tpc.googlesyndication.com	fastshare.live tpc.googlesyndication.com s0.2mdn.net
3	js.adscale.de	fastshare.live js.adscale.de ih.adscale.de
2	tracking.m6r.eu	2 redirects
2	googleads4.g.doubleclick.net	fastshare.live
2	track.adform.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	googleads.g.doubleclick.net	js.adscale.de pagead2.googlesyndication.com
1	cm.g.doubleclick.net	1 redirects
1	sync.mathtag.com	ih.adscale.de
1	www.googletagservices.com	s0.2mdn.net
1	dis.criteo.com	1 redirects
1	match.adsrvr.org	ih.adscale.de
1	bbnaut.ibillboard.com	1 redirects
1	trx.adscale.de	js.adscale.de
1	gaa.adscale.de	js.adscale.de
64	21

This site contains links to these domains. Also see Links.

Domain
fastshare.cz

Subject Issuer	Validity	Valid
fastshare.live GTS CA 1P5	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.adscale.de Amazon RSA 2048 M01	`2023-06-09` - `2024-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-23`	8 months	crt.sh

This page contains 7 frames:

Primary Page: https://fastshare.live/
Frame ID: BED0EE6604259B1B65011151E78A8F50
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhib07JvMAE&v=APEucNXhiPSlgWhmK5RGbEqaBE-VkXc-XZSCHSX8tKv8ylNcwUlyLimubnNFqVQD_VzPRloLHzJUzY211yNXIER2cY6tjbDdngaWsGT0lDJuwITgT0RzSOxW6NO7BQEnd4wI-wI7PHIPAb_OculURcjRAYQv34X5-pI7m7fcg_dwOimiIFkl0ROKqVDpBPhu-AvA0gRkSue29hUt0AV3TekpyT4-5EL3vsQwjsV8SHVqjSiDwqUkfP4
Frame ID: 1EF7FBC3725A565E9C6C46C68EC1C55F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3A223697CA97CC363A4F7B0C1B440A4E
Requests: 16 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1
Frame ID: 6A5F1EB0BC14089E0E7E30011F9F0ED9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D426A776C0A0D3011F644470341604AD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250
Frame ID: 8E56A409CB23255C072EA035DF205FD7
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 53FEEBDCDC371070F2CCC160A513FDB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FastShare.live

Page URL History Show full URLs

http://fastshare.live/ HTTP 301
https://fastshare.live/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

64
Requests

91 %
HTTPS

38 %
IPv6

15
Domains

21
Subdomains

16
IPs

8
Countries

2644 kB
Transfer

3664 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://fastshare.cz/cenik_cs
Title: Využijte časově omezené AKCE! Kupte si tříleté předplatné a stahujte neomezeně za 49 Kč měsíčně.

Search URL Search Domain Scan URL

URL: https://fastshare.cz/login
Title: Můj účet

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fastshare.live/ HTTP 301
https://fastshare.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://bbnaut.ibillboard.com/match/AdScale?partneruid=ee71fb4292144a0a93f3660c2b2a3af9&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=101&tpuid=BBID-01-03612701020225408-16942968

Request Chain 30

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=71f2354b521482bc2566681b7b5d5cc48330d4de8e9741354cffca886d0335aa&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg&s=183592&tpid=63&uid=71f2354b521482bc2566681b7b5d5cc48330d4de8e9741354cffca886d0335aa&C=1 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZIbNxu14gwTPI9QHDTcaIwAA%261188

Request Chain 35

https://track.adform.net/serving/cookie/match/?party=9&uid=72d8301d1a9e5ea5598abfa2ac4de918c15cb959b38666796043efca89640c3c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=72d8301d1a9e5ea5598abfa2ac4de918c15cb959b38666796043efca89640c3c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=42&tpuid=3982707528119929119

Request Chain 40

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=4b1d40f4d0d58621be6e0531321e9641303e94d120e7068643e2c4243047b85c&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=3b85349e-c134-440c-b1db-4f5637208534

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=a5c4b59ed7d994e3d0776b84817e4efb79fd9ca9abea07d9d911219deeef466a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg HTTP 302
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?uid=a5c4b59ed7d994e3d0776b84817e4efb79fd9ca9abea07d9d911219deeef466a&tpid=38&tpuid=CAESEJU04EMjyHHveNzP0VzfTak&google_cver=1

Request Chain 52

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=7e8db0ee6d1f085c8283c2d066369ad2ac7be30ce9194d6e430681a393fe7f09&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fjs HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=7e8db0ee6d1f085c8283c2d066369ad2ac7be30ce9194d6e430681a393fe7f09&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fjs&checkcookies=true HTTP 302
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/js?tpid=48&tpuid=510f7384ccb865e43b5f5a6bf1e6bc42

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fastshare.live/
Redirect Chain

http://fastshare.live/
https://fastshare.live/

156 KB
28 KB

366ms
347ms

Document
text/html

2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1289b0ca0ad0ea781b1b94195bbf47ec2e7f7fee907a6f99856255d4438e02c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d607dafcaf0048b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Jun 2023 07:48:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9inE0w2VLaTqBuHt%2FQRx6kSS6Zpp5vo7EJb9zbdC6iIYSmtc39jbTyJVdh%2FmRptmF1heo3tx0PVlpjoZO%2BINY4x0D7JmN0Jxh1YB9ZGli3Ec817dnD%2B09dVRDUK6JozMTDZuoIdMAz5JV4FV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7d607daf8e371a7d-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 12 Jun 2023 07:48:21 GMT
Expires: Mon, 12 Jun 2023 08:48:21 GMT
Location: https://fastshare.live/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3bRXBUbzi7kQN8F%2F4Dkn9Om%2BmtNLGvuZoEq5%2FXqdpJgkaxkscEgHmk8J%2B%2BlW1r3hEqdjke%2F%2BQSYv0F5cf3Vyzisk1Jon0hBTuF9hsufMzDpi6pauPOaj1vsgYh5Lu9hj5boUSShOIqNWB8m"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery-1.11.3.min.js Show response
fastshare.live/js/ 94 KB
34 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery-1.11.3.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2015 12:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1750
etag: W/"176d5-521832a05aa40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwca5ob11e6uyt0lAf1mCEEDH%2Fq66SvGEnhxONZg7av1DXn3ufowpEWgm%2F78PGOEvQE7OoJEHHPm46dba297Ek%2FIRkR8VUqo1wkDEYSijP%2F70eF%2FJ%2Bje5LUinhq1g%2F0A%2BWyumBhVU%2BtZI0lL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db25e36048b-FRA

GET
H2 200 jquery-ui.min.js Show response
fastshare.live/js/ 235 KB
64 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery-ui.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2015 12:48:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1380
etag: W/"3ab2b-521832a51f580-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEhgmfzwePEW%2Bib%2F3Xp4HA8be5z1FP8FmwwEgMRobXW34DBSPo%2F7yK%2BRFnPYyysxD9beTgpYid%2FIjMicxiToY%2BZUf2uNYLnRN2aTeSo3XQoXyKb%2Bv9h%2F1Ip%2F%2BIeAsgkuxEgKauv5Flgf1qbu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db25e38048b-FRA

GET
H2 200 easyResponsiveTabs.js Show response
fastshare.live/js/ 9 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/easyResponsiveTabs.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e430bd1c5cc3d579824822786e7605d36ac37a8b44f8b99480b00cb045917de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 May 2014 08:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1380
etag: W/"222d-4fa71484b8580-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FfJrKUjECFtAHK91ABvGVkyaVkyP0C5Td6aPk13kC0bP7CYzs0qCVEde7Ed65SP614xC0Yf%2FKSUoO5b40URzPufvPw11NmnVkl8A6XQ%2FJ2mF4HIEOppigzmBFQ4lUmV5qtqCSkC0XkJfLRm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db25e39048b-FRA

GET
H2 200 getads.js Show response
js.adscale.de/ 15 KB
5 KB 54ms
7ms Script
application/javascript 2600:9000:223f:6400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e2fe4d6dcbe16c671130fb561b80b79111fd786b83d893e8256ed96b38dd258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 4egtfO7R3BvJvHkXMhc0Fij6YmlYxAm0
content-encoding: br
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 06:40:44 GMT
last-modified: Fri, 09 Jun 2023 13:10:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 4058
x-amz-server-side-encryption: AES256
etag: W/"85b1a5f755b93b7bfc39409a466d8f36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: xjro8oKVU5u30eA58i1mFtRR6Caw-0S-lfN0qwyj-cON_uQBy2ShCQ==

GET
H2 200 fs-logo-live-2023.jpg
fastshare.live/images/ 5 KB
6 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/fs-logo-live-2023.jpg
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae82507852468a5d918f7be47840b1b507f09e3f7664c8af9f338b804b44f99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 03 Apr 2023 11:10:56 GMT
server: cloudflare
age: 4846
etag: "15b0-5f86c9ce59000"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfSavHgp0RVf2r%2Bleqe%2BJo1%2B2eqrVUVUUtfBYDELT7H%2FtOm0KZhUHLOYNSZUYChVjT589dxooYQ9Gilau9JyBuvPxAoQHKC0hCehKAEFSg04AL%2BwBY8EHKPFbwc670OmGp29BiqA6D%2BJ2bnQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d607db2ced1048b-FRA
content-length: 5552

GET
H2 200 fastshare_gallery.png
fastshare.live/images/ 1001 KB
1002 KB 281ms
280ms Image
image/png 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/fastshare_gallery.png
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11bde9cf7b5a94f974c24776947ebc94064e857d98453e719058b7498820675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 10:44:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fa39a-5eafc4e304e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jup62yQXF89jm61F0OR7%2F5afiIdyfYFK3Nh5qUQETIOFRZqxpvqZTehO7m1TjyKJ0KzmkyQAXGR9eow6AVsSkEUepmSRcB9jhiaJBk0oRxeFqzTYeQ%2FT5PRmVVmF3SsuoeE6PXeveYfNQDLZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d607db2ced2048b-FRA
content-length: 1024922

GET
H2 200 fastshare_editace.png
fastshare.live/images/ 885 KB
886 KB 331ms
330ms Image
image/png 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/fastshare_editace.png
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59cd3b2612641454b82e5baf052344779681b87c05a686727a9e79fafc4d1c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 11:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dd2e9-5eafd03fb9c80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq95kie0tslsW8kOJHZJkHB%2F5e3xN53cc8gmj2XsjBxezInBiuxg0PkLmm4iaPdJieQdmpsPNmeB%2Bhn4G4%2BNq8VMg%2FLlMJQdZFkEKq2AVTF8xDnpNmmClb5weomVd2w7OopFlNeFYW9VwTpW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d607db2ced4048b-FRA
content-length: 905961

GET
H2 200 jquery.smartbanner.js Show response
fastshare.live/js/ 16 KB
5 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.smartbanner.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2be2da464f8c287bcde8d46a24c1c6bb2139ecbf17dbe339c26ba76a5c9c0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2017 09:49:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1529
etag: W/"3e2a-54daa2e1d3b40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGzR0F0mAKaG23As1SfYPY6VhQbHr0skj6yUUwdNhsJgJyC6y5sys%2Bb7RoHFMRPcrXVaA1wXBGhFyFLFFHqZmiMVNgDtr0oeTzZTJze41jqeKQZE5JEkgRW081%2B4VMdAwIj28aWFAzHtAd0%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db2ae9f048b-FRA

GET
H2 200 scriptsellMenu.js Show response
fastshare.live/js/ 7 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/scriptsellMenu.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39a0175c3d0e75062d1c7e9bda482515e7f25a9a63363de116f416afe821526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Dec 2014 13:24:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1529
etag: W/"1d48-50aa5bd380500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slSfvXmxLU3ouQIP%2BZs1CiXORBN9aG2H44M4z8fC2ix1nW5O8vqwRwKTXwxVik24OsjPZX%2BoQMtrJaMVk%2F6OLzclNaTi0cSezU4YzlCbhGXTlLi2OFszjzkH0H48Sd%2F1MzGI12SCiXkUmazB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db2cecc048b-FRA

GET
H2 200 jquery.cycle.all.js Show response
fastshare.live/js/ 51 KB
14 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.cycle.all.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b44d975e1e1f0664d0fb8ab5b2918d08e9497324a021aa93de5894cdb586d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Jul 2013 13:55:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1379
etag: W/"cb3b-4e1791a37ce80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIJSCJQDTijtIqes79sPS9Iw2jE12JPwGsrt5Fuf6J4ihvQlKREVcnPtR3LjvdrtcNi6gYF6LChBpnSCfYQQ%2F3UF1GL6BI%2B26UjWglcNACO1B%2FbMLjzAc%2B%2BLSzCEhnnu4UrUcQtUFqmUaKdm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db2cecd048b-FRA

GET
H2 200 jquery.validate.min.js Show response
fastshare.live/js/ 41 KB
12 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.validate.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3412094a8e56da93c6910b03d47b63d0c4b793cd364e7f23a43020198568701a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Jan 2015 14:32:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1528
etag: W/"a383-50d2a6bec7780-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKicJh9Fl9Z7dKSEIPkTm03CjBd3Xd9NiqC5dvIN5qz1d3LFYwCHQNSZE4snonQlfTLUIP4roXbc%2FAwdI7KA9O8TY5lPwUiirHIhLWjd1PtgXfeRrc%2BgD1szZihzARuJSHSTAVSfOgS8oWgX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db2cece048b-FRA

GET
H2 200 func.js Show response
fastshare.live/js/ 2 KB
1002 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/func.js?
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e899c9499a4aca16b1687b5f40517cdc2f5b5ab8b066b28f7b7e4aacd21371e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2019 12:34:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1341
etag: W/"8a2-583e4e9a155c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXXaihYqfpZFdWnwk88DKFTE8HU08ye1%2Fh0CKA7NIwI96U9N%2FRQ0u2iYKxYsANSwiZykujZyZbDINiFiUM8NVsbh%2BEoZ7L6PAX%2Be1SsyH23Iqp2mUTtZDch%2FwSI4r1lawQyxYKlQ5NnIX9m%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d607db2ced0048b-FRA

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 136ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 12:05:56 GMT
x-content-type-options: nosniff
age: 157345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8800
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 12:05:56 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 130ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 22:52:16 GMT
x-content-type-options: nosniff
age: 118565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 22:52:16 GMT

GET
H2 200 fontawesome-webfont.woff2
fastshare.live/fonts/ 55 KB
56 KB 16ms
16ms Font
font/woff2 2606:4700:20::681a:877
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:877 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Jan 2015 12:52:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4846
etag: "ddcc-50d3d2535c400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIbjsbgKg59tVDrMs6drnCzrRCkExEob6qfW3bW%2BygYrDdJZ5ddSldj24PsdArDja2CR9BS6W2tpFox8Jfw1znmb2Wn%2FApZCnUzYDOXKpDnldNzDkvteM%2BkT7gPmRJqzr0ZOUOcumk30V9qv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d607db2dee7048b-FRA
content-length: 56780

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 139ms
47ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:22:09 GMT
x-content-type-options: nosniff
age: 149172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8916
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 14:22:09 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v15/ 7 KB
7 KB 163ms
82ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:21:44 GMT
x-content-type-options: nosniff
age: 149197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7176
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 14:21:44 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ 7 KB
7 KB 155ms
77ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59ad4aa0ce622dfa0ec74844ee996f7a1ef879dca71d4c8513a5ed51b7063fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 16:26:06 GMT
x-content-type-options: nosniff
age: 141735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7084
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 16:26:06 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ 7 KB
7 KB 148ms
72ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb940b87ed9001f6562d79e7121997ea213f0fb27073348dcf30c51285d7c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 16:22:08 GMT
x-content-type-options: nosniff
age: 141973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7240
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 16:22:08 GMT

GET
H2 200 impr Show response
gaa.adscale.de/ 10 KB
11 KB 216ms
175ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=40c0455c-bc14-4cc6-a5be-dfe45afa7db9&nu=0&t=1686556101603&ssl=1&pos=above&ws=https%3A%2F%2Ffastshare.live%2F&uuid=68932bfe-cc1b-4476-9bfa-4846fffcdf22
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: e0facfd3e5a4f567807582ac481d2b84d5b5faf19c4829bbfd4d801bda9cf425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/javascript
date: Mon, 12 Jun 2023 07:48:21 GMT
cache-control: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-robots-tag: none
content-length: 10402
p3p: CP=NOI PSA OUR

GET
H2 200 userconnect.js Show response
js.adscale.de/ 11 KB
4 KB 8ms
8ms Script
application/javascript 2600:9000:223f:6400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: LHKY0iewf.4PKvriWOzoWjipoYd1SKgR
content-encoding: br
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 07:10:17 GMT
last-modified: Fri, 09 Jun 2023 13:10:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2284
x-amz-server-side-encryption: AES256
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: GFX39ttFWonNOuopB_hxMU9rLgux-qzIrVqYD3OV-PGglwGPoAO6VQ==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1EF7 0
466 B 171ms
75ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ2M6oAhib07JvMAE&v=APEucNXhiPSlgWhmK5RGbEqaBE-VkXc-XZSCHSX8tKv8ylNcwUlyLimubnNFqVQD_VzPRloLHzJUzY211yNXIER2cY6tjbDdngaWsGT0lDJuwITgT0RzSOxW6NO7BQEnd4wI-wI7PHIPAb_OculURcjRAYQv34X5-pI7m7fcg_dwOimiIFkl0ROKqVDpBPhu-AvA0gRkSue29hUt0AV3TekpyT4-5EL3vsQwjsV8SHVqjSiDwqUkfP4

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 07:48:21 GMT
expires: Mon, 12 Jun 2023 07:48:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A22 78 KB
28 KB 189ms
93ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 07:48:21 GMT

GET
H/1.1 204
No Content imp Show response
trx.adscale.de/ Frame 3A22 0
163 B 50ms
12ms Script
application/javascript 3.125.12.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trx.adscale.de/imp?ej=Y2RmNzQ3ZTFjNTUzNDdkYiDNc1y46DVVvm0ce2TF2ysC91Fp3YsFZosJKE4AoekfN5ZpCLy9Ml-8OUkrNMfbKVH1XziekRA20lA9QlWriUwgoTZV--JkV78gH3hknbF6FZQAZMvTUmOHDD0LHfPSLma2OlX962RWsjoMOyzL4xxKlFsxjogFOtd3bUlLoo1ML-Y4VOD8JwDnWV98Z4DsKFyFWTiFuUZyiTAxGxSi1hpytmp9qIxqUOxIUnN1zLF_INceGIq2W37cf2ZERvyCUwKxd2r5whkXuF1cdGjMu2Azgk9d1eB_e9cyLiQapdgFEbh_c-XWSU3hBBkIOMyxYTOCXUKG73F-02J6O138glUBtjsjs45IS-BUSQ1kzbVsZdMLAZ-sISaQJix-F6TaAjGqe2S9lhMKslRJGmLHv2Zz0zYFz_F6ZJBuPWgXopNEELxFce3LQ0qjX3hFIo6xN2P9MVPX-W9o0CwIFUP8xVkGj3QypZcGBrdfKi910vxgQ6JBHofkdXblOltmEfDGQnWaeC21hhMTyFk4V3Pd8nZCrFUU1-ByPvxhDGEVu5QVJspnJvXMUF2TEngoe9j4YEKvFHKauDEx0mccQR62mwVglXIT9stUHfAUcC5q__8nWqZBIsf-Zy7cNgNdGq-eVS7IJFCOmkUU7QQ1cTjb7DRIrk0z2uM1cc8-FyJsmqJwCfwJEfbBUQK_bnZQGPTHAkCYKyvF-X0gzAEDInuRjnJiogka_cxTEv0yLRNOpKBCQI4rfpi6OnGYZlRjK4aaYATLeDXM9WpTtEQ9BUrW6AV3rhZB7s8MMtg3WClouI1yIt1zM8z1eECtUnQLCdzsAla4AXK8hVp6jzUVaivwzm0k0WYb0sY2D_xBcBgJyuwJQb0Pbbe0TyKZNBMpJKnBOHOJLUGV0TdS_EZ6REHHtXYS5Ehjr_MVL3r9WY4=
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.12.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-12-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Mon, 12 Jun 2023 08:48:21 GMT
Cache-Control: max-age=3600
vary: origin
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A22 42 B
401 B 168ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMW7MmmzK8B207tR3athpXy5Qg0eAxPCy6o49og9mbsskjrO0MrnBx37qMjPHyAUuHaEiK6fMkS06LKTWtePIMKGv1UEakvWT17qBY8JiQEIxmMng

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A22 0
58 B 173ms
78ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12315770389330393064&x=23&ct=76

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userconnect Show response
ih.adscale.de/ 95 B
170 B 49ms
17ms Script
application/javascript 3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=Y2ExZWI0MA%3D%3D&cbfn=stroeerCoreConnect&ts=1686556101854&umd=false&gdpr_err=CMP_CALL_FAILED
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 70072788613bde80533a3cb95d5a16c924011004b1d861093610379370beb859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:21 GMT
content-length: 95
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 6A5F 3 KB
3 KB 18ms
18ms Document
text/html 3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 09138afb7dac7376290f52d4f5d8682090f05677b96a2465714238563297c33e

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2633
content-type: text/html;charset=ISO-8859-1
date: Mon, 12 Jun 2023 07:48:21 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 6A5F 4 KB
2 KB 15ms
15ms Script
application/javascript 2600:9000:223f:6400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: B6gb_NztxH3RMAtg2Z2iwIATa9RK.Cck
content-encoding: br
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 07:10:18 GMT
last-modified: Fri, 09 Jun 2023 13:10:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2283
x-amz-server-side-encryption: AES256
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: 1II_X9OBwRGq6jDYgaSUY676-UPGv1CFI1wxqiiYgzuhrwBwI6HoBQ==

GET
H2

200

img
ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/ Frame 6A5F
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=ee71fb4292144a0a93f3660c2b2a3af9&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=101&tpuid=BBID-01-03612701020225408-16942968

49 B
466 B

10ms
10ms

Image
image/gif

3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=101&tpuid=BBID-01-03612701020225408-16942968
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Mon, 12 Jun 2023 07:48:22 GMT
content-length: 49
content-type: image/gif

Redirect headers

location: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=101&tpuid=BBID-01-03612701020225408-16942968
date: Mon, 12 Jun 2023 07:48:22 GMT
cache-control: private, max-age=3600
access-control-allow-credentials: true
server: nginx

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 6A5F
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=71f2354b521482bc2566681b7...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZIbNxu14gwTPI9QHDTcaIwAA%261188

49 B
486 B

9ms
8ms

Image
image/gif

3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZIbNxu14gwTPI9QHDTcaIwAA%261188
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Mon, 12 Jun 2023 07:48:22 GMT
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 07:48:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZIbNxu14gwTPI9QHDTcaIwAA%261188
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A22 0
56 B 72ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4068702364423&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A22 0
56 B 72ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4068702364423&version=m202301230201&ct=76&x=23&cor=12315770389330393000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A22 91 KB
37 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOSqJiXnwllSBHLGPzBYlXFLOS7Le-aOhh0JkIGxa4lP5SfIDVd4q7Z_aJ5cP0L_2bbtD60JLP8UtM1XQ0GylqRJAjmhITD82FP5zxLW9VG-L3dRgEfvB2JFqYrqIUfSIIfcS5r3vUQVvAi9cMLKPpk3nYfDAKSFdqLhB_1s5bXpXb42g&dbm_d=AKAmf-CXBwhWmO2Yq-KkbXlvXCgrx0a2hPiTlZrc1CgPAo-mqpe7wy7AQgKWxIZIJp34YS2SVbvIhyHIzLWQJq5kehkd4t5m6F-YTzyn5iuf_xy2ip1yFz2g1WcHYfLn2qbj1vZi3kEi6iKCXOXGXus1eMRlAQkTI5hDSXxgk9q-NXILE-Mo_AvMryk4oQxhv9e_w0zDAyq3Drcq_awxixyPHsszfEWBNDJpkghrGrdCe5eR8vigE8CZDySYo4X1gK0O2dxahhTHwjY4kOkNM4s8kpDvUZFPgw4Flm8J1XqLA4rKuLhoZfu4GiWFS3Jn6RXW744PVZ92Ngi2klM45CYeFvAfaiPikzRrLwi7ZlN8m21pA2dddJ-cUAglkMwWNOBMQRerBuLcfAeUSn65d_bQVDpqFVHAeQsiQpRdDy8Nd_YQrBIdMR4ODZzam3VxLCTi03cuvad9XSz6h3I6ye8sfC6X4hQ3o0E-aOYA5AfgSaG_bKxoSWxTK4PqyMBTCnKZmR4-_JLZSf6Xl1ScUpK3Kbi_kWGGD2iCtZ0m8DnmdsElSTe4p_FA1fiRGwA3LxwfUYUfRJinIwmk_kKD9CorOUjs8Zs4j0IYJaZO7FTyucJoh_LwSC1W_jh9809ys_RRIzjiKu3GmkfhmbsIxHTZwUiJxq2xErfuM4QrhnT3CT9QgcqAfMWqI3CKSmtZAogTodmT-qelcrLof2zGuky4Fg8oNW7BBSBQr63vNDrQJJ8PJLDpRh2CJkSDgW3FZ801MpZMiLR6xr-IJPFPeIvbmWvlfpoxtVrUuFZxaQb1OZGQV6aNbY2-1i423Cx2CRLINwOCo7Fn09XLmVqI1CcOUMMdZfUnIo4jOghz1O94-KpGi9dj5kCTUYRIe_E6W2uCEQ4EDqVM6ldUf09LaUG-Cl9RvduBsWK7H0g5abZwSs-eraJHDeMEL1s_bK0KKBmO7B43chMEJn7vRMryQpzrNeqguK5GDxSZ-tKnylT3wA-kFoz9C433Aj0RA-F1BwIBYkEYfM1W8AEwgM2XWbzglasqmiozhi-ihiKW4WmrGPy2UTdnYi292hl_TMrKD4AH1WRmKLw4UAvermBO49s8A-vL-qgOj1XHZk9-Eh3q6o5JplbgzC0eLzFiUzJTh4Dn5f6K7UPZ3F6DjDQ7Q140AMJGBXK7fhV428sN8fUKTI_1y_hPUoLqb724gSYE7R8JRSIUuazO_SeXxPX0HfCxa2oB1--npfUsMv0xJpxxiycp_3C-oQwEpk3CyUaMrkmM7s3owkfqNeW4exqbpN--nlQXX8BfPVy1-bkoI2nwj-yD9_3sjGlTtMqvGFiFu9fZ7KK-UTUVapU09vJDZA4wvFNeDNRVghcw1o1y1-T4XprwgVL8sTq9GkrSqJv7NP0ko3EnYj9xR47Ld3uI3Ktf-Bkp8qkW3BeJJ1DvB0Ujxmg_M-BThvCvXATmhg0rDz7wpf7L9GwTR2PU8DABdktgvvg6oJ8QpbG-rZr2mdP94Tl8-oddFmQXvP1TacT9lTHbiNP9woPaU3nbxfp_oWywxu2PRQiLNv_lWhljUZWfAOfy6Zasj_nn4zM9czSTgW5HlpErbI0cMuKybnn6Wc7HXLe0y7iHmHipOFEcnOSiY2yEB75-QtJM_HdzzNbDlqy9FOvSWls7Y8V8KTWPMtaHEgwfESgLEbvoImep5jNlpW6k3sVjgOkVY-4UDIFPbLnd9RXqYnkhZXSVs9kMDI-mznWDYt8qupskpxGbCX2dDAAPU_c4Dt-wB2eo8ST1HSkWXh_5LoMAEY-7sANuiyI3ynw1sPuGF51nnb8Z0b9VPlfUAhkgAe_ob2DCZuK3dmUrSjrur67Wa7e8zKKDYvnkGwITLXC_CDYqWL73zwkMugxuoqMwytVfzJOs1cw1hY5RcyhCJlfQjMCS0CV_eL0z54aUKIEVHLLXZtNe9n4xH4PW0hNtH9UepIagmHCXaTa_KHu4HjS4QNgy8TEKK6x7EjG8z6jjCyytBOFHdE1f4zZPQuiyH_YaAITCkJ6NwyQ5STsCy7CLoNdKlfXGqtNDTnsIZ0co-JNpn121R_eRiJ0XpH3FggF_huxdUvAFU_OTeL12cr3ph8zh4AqNov2CTRidXKeR3wwYJFwB1c3NTjqPJKB92WRy52Ov4Bil5B4vbwIH09x6FqAQevmSXc7yPaC33oXDid6Vv_jxTGF5QhZcTZtZUNdzR2SqMj8FBz1xgQWgiJbPRwJoLCZutfTLX_5F5PucoM-yM2rXO6b3BHQNNGW6QLIxeQMdPuipF-IGVJob7SnAnGdoM0hH6cWtmb6B_NC7yRVjy2BZOhv5DQfJHDN_O5pC7mUkg9IDCTGN96iLp3014rHYhP5wfXERA2oyFGuo_BlNqrU95RCz0wByWS3iJCyRtL2xiuRQQiGU62-AXb6XmbJFw02SMNC7ovthe_Af8_-4ViXv0FpbrHA-5a_Hb-OwRwNGqAvPO1ZCm-5qUMD44nWtcHIKyapZtPwEWT7qkYzHohxkXw8gVi6ReYcoDgrmyb4M-GE9mG90UdzaX_iHOnmJdJMgwDqvxXQ8GgtOMYNoSIm-PureCh3QGE83c-y4DHUXfQMtjhmmHaBHm_fkBXFyxI3HIhnIc3P_hXligaMpatcJJodhScUjK75wZZdzmCqoLWYa_IrvTAdWWZCwxreXjjnUQGTo7IcYCkvC0HrI6-hLFkQVDe8mhKx1DSRu_In7HOuemvflC-D6xgynl_6qySrA3QpAdny0d8obJKvQE9nVEAKkPRxZ73GUadDqBmNPsgJ1aVKXUOCEv6XiAZ98pAuW1hzxbyTp9EHTXZaffqTNahIMQPz-sO63wTNJodhqpnRUKEMDvX3VCRXRSK_F6cnDl6a_YSWFlo5uGBqA1cgRUWh_j_t0fGhLnqSOIzqmkdMaZe-nqcvmNtNFT7EnuMhQF0LQzw2SRtmGcYifQbQaev9x5WMhihhf8HnkZSYCjTNKKuHRWUe8DRxfTYR1Ehb-yLSiUp-1KSliSTyQMp1k1MmhoLCQhr0b2G9L926xcFnni4sW2CtMe8Pub9uHbOgeuoC3kDqz7y-aVUzpHro0lSa-891KhToW-wUQN7yrbmAa4H1HCJlgB_WGU2_pkwZoEDp-qGSQtHPZPY2ne9iWo7xzYhTlxkaFW-VXKAg8Plgwha4GyLk1RWmaSur0FXaT_5f075jINg7TsyAPLbaMYB4HFbwqDMpVSto&pr=23%3AMWM5ODMyZmMzZTAzNDI0ZjyZvZ5lBu6T8wfwBA&cid=CAQSGwBygQiD6D-eL7P11U4JLLtw0rNOeBFSyztixhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffastshare.live%2F&ds=l&xdt=0&iif=1&cor=12315770389330393000&adk=3695998273&idt=213&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

767cc77d6ceda31c77a4b83c3153d69045643e9b369558a91e385c98769fdee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37528
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6A5F 70 B
265 B 105ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=9bd8f17123dc44278a06b5b21f7cdbf9a2407c858b7783e64b3ef44306d54bd5&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

img
ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/ Frame 6A5F
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=72d8301d1a9e5ea5598abfa2ac4de918c15cb959b38666796043efca89640c3c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=72d8301d1a9e5ea5598abfa2ac4de918c15cb959b38666796043efca89640c3c&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a89...
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=42&tpuid=3982707528119929119

49 B
496 B

18ms
18ms

Image
image/gif

3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=42&tpuid=3982707528119929119
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Mon, 12 Jun 2023 07:48:22 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?tpid=42&tpuid=3982707528119929119
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3A22 170 KB
59 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Jun 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame 3A22 11 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOSqJiXnwllSBHLGPzBYlXFLOS7Le-aOhh0JkIGxa4lP5SfIDVd4q7Z_aJ5cP0L_2bbtD60JLP8UtM1XQ0GylqRJAjmhITD82FP5zxLW9VG-L3dRgEfvB2JFqYrqIUfSIIfcS5r3vUQVvAi9cMLKPpk3nYfDAKSFdqLhB_1s5bXpXb42g&dbm_d=AKAmf-CXBwhWmO2Yq-KkbXlvXCgrx0a2hPiTlZrc1CgPAo-mqpe7wy7AQgKWxIZIJp34YS2SVbvIhyHIzLWQJq5kehkd4t5m6F-YTzyn5iuf_xy2ip1yFz2g1WcHYfLn2qbj1vZi3kEi6iKCXOXGXus1eMRlAQkTI5hDSXxgk9q-NXILE-Mo_AvMryk4oQxhv9e_w0zDAyq3Drcq_awxixyPHsszfEWBNDJpkghrGrdCe5eR8vigE8CZDySYo4X1gK0O2dxahhTHwjY4kOkNM4s8kpDvUZFPgw4Flm8J1XqLA4rKuLhoZfu4GiWFS3Jn6RXW744PVZ92Ngi2klM45CYeFvAfaiPikzRrLwi7ZlN8m21pA2dddJ-cUAglkMwWNOBMQRerBuLcfAeUSn65d_bQVDpqFVHAeQsiQpRdDy8Nd_YQrBIdMR4ODZzam3VxLCTi03cuvad9XSz6h3I6ye8sfC6X4hQ3o0E-aOYA5AfgSaG_bKxoSWxTK4PqyMBTCnKZmR4-_JLZSf6Xl1ScUpK3Kbi_kWGGD2iCtZ0m8DnmdsElSTe4p_FA1fiRGwA3LxwfUYUfRJinIwmk_kKD9CorOUjs8Zs4j0IYJaZO7FTyucJoh_LwSC1W_jh9809ys_RRIzjiKu3GmkfhmbsIxHTZwUiJxq2xErfuM4QrhnT3CT9QgcqAfMWqI3CKSmtZAogTodmT-qelcrLof2zGuky4Fg8oNW7BBSBQr63vNDrQJJ8PJLDpRh2CJkSDgW3FZ801MpZMiLR6xr-IJPFPeIvbmWvlfpoxtVrUuFZxaQb1OZGQV6aNbY2-1i423Cx2CRLINwOCo7Fn09XLmVqI1CcOUMMdZfUnIo4jOghz1O94-KpGi9dj5kCTUYRIe_E6W2uCEQ4EDqVM6ldUf09LaUG-Cl9RvduBsWK7H0g5abZwSs-eraJHDeMEL1s_bK0KKBmO7B43chMEJn7vRMryQpzrNeqguK5GDxSZ-tKnylT3wA-kFoz9C433Aj0RA-F1BwIBYkEYfM1W8AEwgM2XWbzglasqmiozhi-ihiKW4WmrGPy2UTdnYi292hl_TMrKD4AH1WRmKLw4UAvermBO49s8A-vL-qgOj1XHZk9-Eh3q6o5JplbgzC0eLzFiUzJTh4Dn5f6K7UPZ3F6DjDQ7Q140AMJGBXK7fhV428sN8fUKTI_1y_hPUoLqb724gSYE7R8JRSIUuazO_SeXxPX0HfCxa2oB1--npfUsMv0xJpxxiycp_3C-oQwEpk3CyUaMrkmM7s3owkfqNeW4exqbpN--nlQXX8BfPVy1-bkoI2nwj-yD9_3sjGlTtMqvGFiFu9fZ7KK-UTUVapU09vJDZA4wvFNeDNRVghcw1o1y1-T4XprwgVL8sTq9GkrSqJv7NP0ko3EnYj9xR47Ld3uI3Ktf-Bkp8qkW3BeJJ1DvB0Ujxmg_M-BThvCvXATmhg0rDz7wpf7L9GwTR2PU8DABdktgvvg6oJ8QpbG-rZr2mdP94Tl8-oddFmQXvP1TacT9lTHbiNP9woPaU3nbxfp_oWywxu2PRQiLNv_lWhljUZWfAOfy6Zasj_nn4zM9czSTgW5HlpErbI0cMuKybnn6Wc7HXLe0y7iHmHipOFEcnOSiY2yEB75-QtJM_HdzzNbDlqy9FOvSWls7Y8V8KTWPMtaHEgwfESgLEbvoImep5jNlpW6k3sVjgOkVY-4UDIFPbLnd9RXqYnkhZXSVs9kMDI-mznWDYt8qupskpxGbCX2dDAAPU_c4Dt-wB2eo8ST1HSkWXh_5LoMAEY-7sANuiyI3ynw1sPuGF51nnb8Z0b9VPlfUAhkgAe_ob2DCZuK3dmUrSjrur67Wa7e8zKKDYvnkGwITLXC_CDYqWL73zwkMugxuoqMwytVfzJOs1cw1hY5RcyhCJlfQjMCS0CV_eL0z54aUKIEVHLLXZtNe9n4xH4PW0hNtH9UepIagmHCXaTa_KHu4HjS4QNgy8TEKK6x7EjG8z6jjCyytBOFHdE1f4zZPQuiyH_YaAITCkJ6NwyQ5STsCy7CLoNdKlfXGqtNDTnsIZ0co-JNpn121R_eRiJ0XpH3FggF_huxdUvAFU_OTeL12cr3ph8zh4AqNov2CTRidXKeR3wwYJFwB1c3NTjqPJKB92WRy52Ov4Bil5B4vbwIH09x6FqAQevmSXc7yPaC33oXDid6Vv_jxTGF5QhZcTZtZUNdzR2SqMj8FBz1xgQWgiJbPRwJoLCZutfTLX_5F5PucoM-yM2rXO6b3BHQNNGW6QLIxeQMdPuipF-IGVJob7SnAnGdoM0hH6cWtmb6B_NC7yRVjy2BZOhv5DQfJHDN_O5pC7mUkg9IDCTGN96iLp3014rHYhP5wfXERA2oyFGuo_BlNqrU95RCz0wByWS3iJCyRtL2xiuRQQiGU62-AXb6XmbJFw02SMNC7ovthe_Af8_-4ViXv0FpbrHA-5a_Hb-OwRwNGqAvPO1ZCm-5qUMD44nWtcHIKyapZtPwEWT7qkYzHohxkXw8gVi6ReYcoDgrmyb4M-GE9mG90UdzaX_iHOnmJdJMgwDqvxXQ8GgtOMYNoSIm-PureCh3QGE83c-y4DHUXfQMtjhmmHaBHm_fkBXFyxI3HIhnIc3P_hXligaMpatcJJodhScUjK75wZZdzmCqoLWYa_IrvTAdWWZCwxreXjjnUQGTo7IcYCkvC0HrI6-hLFkQVDe8mhKx1DSRu_In7HOuemvflC-D6xgynl_6qySrA3QpAdny0d8obJKvQE9nVEAKkPRxZ73GUadDqBmNPsgJ1aVKXUOCEv6XiAZ98pAuW1hzxbyTp9EHTXZaffqTNahIMQPz-sO63wTNJodhqpnRUKEMDvX3VCRXRSK_F6cnDl6a_YSWFlo5uGBqA1cgRUWh_j_t0fGhLnqSOIzqmkdMaZe-nqcvmNtNFT7EnuMhQF0LQzw2SRtmGcYifQbQaev9x5WMhihhf8HnkZSYCjTNKKuHRWUe8DRxfTYR1Ehb-yLSiUp-1KSliSTyQMp1k1MmhoLCQhr0b2G9L926xcFnni4sW2CtMe8Pub9uHbOgeuoC3kDqz7y-aVUzpHro0lSa-891KhToW-wUQN7yrbmAa4H1HCJlgB_WGU2_pkwZoEDp-qGSQtHPZPY2ne9iWo7xzYhTlxkaFW-VXKAg8Plgwha4GyLk1RWmaSur0FXaT_5f075jINg7TsyAPLbaMYB4HFbwqDMpVSto&pr=23%3AMWM5ODMyZmMzZTAzNDI0ZjyZvZ5lBu6T8wfwBA&cid=CAQSGwBygQiD6D-eL7P11U4JLLtw0rNOeBFSyztixhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ffastshare.live%2F&ds=l&xdt=0&iif=1&cor=12315770389330393000&adk=3695998273&idt=213&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:43:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 3A22 29 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
server: cafe
etag: 10389968670829887652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:44:54 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A22 41 KB
15 KB 137ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 07:39:33 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 6A5F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=3b85349e-c134-440c-b1db-4f5637208534

49 B
518 B

10ms
10ms

Image
image/gif

3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=3b85349e-c134-440c-b1db-4f5637208534
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Mon, 12 Jun 2023 07:48:22 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=3b85349e-c134-440c-b1db-4f5637208534
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1430391
content-length: 0
expires: Mon, 12 Jun 2023 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D426 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 177855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 06:24:07 GMT
expires: Sun, 09 Jun 2024 06:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A22 175 KB
55 KB 135ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 07:48:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2788831680616817051/ Frame 8E56 4 KB
1 KB 126ms
47ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1050165dcc099defdc2401c20a0083d6784c21e46ef87ef1cfb310794cfa1494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1412
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 07:48:22 GMT
expires: Tue, 11 Jun 2024 07:48:22 GMT
last-modified: Fri, 30 Apr 2021 15:11:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A22 0
0 195ms
90ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmzzBE09yDc9MJkqgav-o84D46WXoklOGdNSpOkVrvWEUWK4wRj7t76ESgvQtwdoV0ViSwzqIsElvNI2Hh0zC85vtA4Hu_E9NfDjwkfdTMI0mos5F8y4n66PBhsqdrI_fJDMiU1CCePyuCduBCN8AdwCu1huMxo0SM0mmFfcKf6zjMxt-5QZTpssYReVPoSguV1V94Wx3FOnyDfsXLMdrIH_y_vUgzFIdpoQGn6_NL8r0dFwiBt89QKIOf8ykH2H0xleoKTSt-RIkKuL4tz6yHnpnvXGwt1UIqdETX3um9VZIGn0zlq2L3amyyhE8EVIo-olUkClMH4clx09gYgdnPnveoYNXZ9bjwoFDIpcg3dU-CjIr_8dgBS_1c9yvksDd5Do8KdxaRFTL2qSVDPph4AdaBRdEyJlHBuH3VUiKs1KMS3LaxDjgeBeJkHzJXQlPU9T14rLNohY27AWXd8xNS2bUhAK-G0UZD6DnApWqh8I1jH1ffBRUvC1HqzTt676gKYQ-qddGI5ZRgnl9u0N9wrB_P7PrwSzlMWBl8JvhrvmBeM3Akdbx_uYVkRgIO35tmwR_sT9eJge9DQGAXbID1AnC8VVqPrwa3xuieySGJl0j6lQsMl8eDuNzFohtoQtn5fFVQIsh7IDkIZ7jy8-6WokBTqK78BuYzzGbsxLv4S-y83QyZAOUFixU0RAvgwAMfkID6mT-sGD-mvZNRTOH4Zzf-YPlZ5eTjDQP0jtud3FIV7zjDPSE2VbkfNdjmxTZTfeqUDXj-yF6RWc0Wo_0ealeaA-nxk_s03ZMl-TagH8lCvMbJQzvhR3KFNwfYFz4CxS9zFQugEr7xSN9gk8o4MM2riVYlI4_4H-reWgD5e1YoU0wlJSIuNCUyikZDyryBvB50chXHHs8b6XCbNdRgUi1tgynu41rSxq7uXNDv_CehSO9CQL1l3iadfHkKe31vJaiCIEvHgXmQVF6HiyJKr_wjAv9tDttkcQ86zhIhitarQ2RDVruZ9L-qFA9lGDwYCcfkeoyfxSk4DZvFscev1wya3ZIo-L40G3UJFlHoXT40g6EoD4AqtLM_9kdTw6xLbOPqPNt3XHb_ySvPivgjE_ZQu2X3xOPXXC7rLgH_L6f3UBSTI-QaL-jjrwRcQ_eORg09ACqR-SxhWrqr_EXmG7QeCjMCaZI0HrZKMsD5CYsJmJJ8uOPZHlPhcJJXTbrlmqRR41sDZDvlrzTaKQfg_SqWtcr34A&sai=AMfl-YQ6RuISL3ONAMKQrcH_Tq_67jLXtb1KoW2QWsxiz77nGZpLUmIaYQ5hpXr2zKc-zO1PBED4Af7YwO0CdhocLUgs5kTcy35C5yrQfkB4zi5WlkK1hPxm21g-naw0fRBfpZT20n-eAs31D7ACqc73W6BXJH9anWw1kZryWPbLs7vEwbio7FsCO6nSBNzfTNepBFSv-W2fxMVp&sig=Cg0ArKJSzGK3ZHyaAFyCEAE&uach_m=[UACH]&pr=23:MWM5ODMyZmMzZTAzNDI0ZjyZvZ5lBu6T8wfwBA&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=195&cisv=r20230607.80223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Jun 2023 07:48:22 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 12 Jun 2023 07:48:22 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 6A5F 43 B
442 B 61ms
25ms Image
image/gif 185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=b25388f9584fc3a735e1f4e46f7ed7be8ecb11c47baa84dd329e28aea84cbf3d&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46a8910144c46d17e41a%2F1686556101921%2F0%2Fimg
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 986 b247903 master cdg cdg-pixel-x29 config_version:"3795" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 07:48:22 GMT
Server: MT3 986 b247903 master cdg cdg-pixel-x29 config_version:"3795"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 12 Jun 2023 07:48:21 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame D426 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jun 2024 14:44:40 GMT

GET
H2

200

img
ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/ Frame 6A5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=a5c4b59ed7d994e3d0776b84817e4efb79fd9ca9abea07d9d911219deeef466a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F420...
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?uid=a5c4b59ed7d994e3d0776b84817e4efb79fd9ca9abea07d9d911219deeef466a&tpid=38&tpuid=CAESEJU04EMjyHHveNzP0VzfTak&google...

49 B
537 B

8ms
8ms

Image
image/gif

3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?uid=a5c4b59ed7d994e3d0776b84817e4efb79fd9ca9abea07d9d911219deeef466a&tpid=38&tpuid=CAESEJU04EMjyHHveNzP0VzfTak&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Mon, 12 Jun 2023 07:48:22 GMT
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/img?uid=a5c4b59ed7d994e3d0776b84817e4efb79fd9ca9abea07d9d911219deeef466a&tpid=38&tpuid=CAESEJU04EMjyHHveNzP0VzfTak&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8E56 57 KB
23 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Jun 2023 07:48:22 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 8E56 110 KB
38 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Jun 2023 20:32:47 GMT

GET
H/1.1 200
OK polite.js Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 8E56 85 KB
86 KB 252ms
45ms Script
application/javascript 52.218.44.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/polite.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2788831680616817051/index.html?e=69&leftOffset=0&topOffset=0&c=MtVJrhdEaB&t=1&renderingType=2&ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b2dc8641cae7c9da5e18a7136802a48be4d9aa19368eeb606e01f6158e9577b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 07:48:23 GMT
Last-Modified: Wed, 23 Nov 2022 14:43:22 GMT
Server: AmazonS3
x-amz-request-id: S86B4BKQHHM4A58D
ETag: "435dc186bf88171b2fb4446a3eef3a74"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 87538
x-amz-id-2: OLn3WvonmqKeNhF9eyT4NkhEB5NAG/JMgZUbEpgYJ+woT+U9qyCjEyhcZG3W3XJQPPfiZyihuAA=

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D426 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt7jBxs2GZO7aBfOn9u8PtpmWWAAAAAA4AeAEAg&bg=!aGulaz_NAAaGYqkwpmI7ADkAdvg8Wlg1SREzO40l8vZU-3AIL_7Esz-vk5L-jGmFVfaOiMksxrZrdfWV_-9CT7QiEUgNNMCrMyMCAAAAY1IAAAADaAEHmQL7DXeDedgdLe2-Sghqhdz4XZ2KlD5s9_mAIupYIBo9fzJy2wD0Hd8oDbUimffc3sYGg8ykKhyvBIeGH_EEF9RnvhFZEyqfyAT6ZYPI8_4cYGr9u48cZ481zXtFSVHDMrZoiNX7Z9eJ4HAbp--9ZkUfRvJA8suOWTkpE8HYO2e4_8Bi3-mlkhAKLFKkYfAk67_3DJkG8ulYb97yfcSZM__u-JNWGqyWcoTml_3qVpVspnjeURawT3QdOB8KhupFF6UKEbyXVE2mVLU73thm98RxTRrW3fe_gbuTE7XLgqhL_GWZ_6xVW8ho7SBN4YwyGgHLk4HanvDzXAFeUxxppxoksmNs8qvov64kh5MEJiXxeC8UTN9Nno09XUXfHOT5vUgcWPly039lyq_dl9iToz_aEBwXOymM57e8AWRkOlehSTZjGseTaRTJUbQgYp8kKgByEt9GaJ42gIAghhEsomhVhzJHUlWybvfR6EArb1yUeFV2SU2FXBaTGeQENbpDatc6yUXEf_fD0XjVTYRz6H0BQReq60j_Gnur_BuW5V1xEx6q5tirLcPa2FWjiz4Gh20ThPmObY3ZGU2IE_B0GzIwGvAk11ONPbtpj3riWYGmhibiuQTuat52S2NZtfLUVXC5uuYi6VvrO5twg1rFgYGw3uIrCs6Disj604_CuJD6iYVM1K2McXlLVuuOHNryfLiKnJNrYUApS197sct2aZXKsmyc6nblTitSNo_yMSAZo8AFpZWu3CFj8H8846geapovz7B29NkYRmwhkfhhzJvmz_bzqugVPn2avPrXbLCoE1vngZqBCGCyDU9dCjpVr8O9c1hp988Ltdo9Rgq2VJy78v9CMhLPws-pNcUsPiJe1DNVNhjwhhHsEWQqD5OzFNwStr5zf86VHrBvPPPRFUMG-y28EbSDkf-vTgdKKt27g3Jo-bVv5fMTiPziYaLkfsH8CpOY-xRsJM71_WRt0x3nXKafzYj99DlJoE04wxkH29bxwaMIbfNHTd7ugw

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/ Frame 6A5F
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=7e8db0ee6d1f085c8283c2d066369ad2ac7be30ce9194d6e430681a393fe7f09&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=7e8db0ee6d1f085c8283c2d066369ad2ac7be30ce9194d6e430681a393fe7f09&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4208d41e352a46...
https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/js?tpid=48&tpuid=510f7384ccb865e43b5f5a6bf1e6bc42

44 B
554 B

9ms
9ms

Script
text/javascript

3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/js?tpid=48&tpuid=510f7384ccb865e43b5f5a6bf1e6bc42
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1
Protocol: H2
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b4059bde1907b5baf447e190cce3dcce7116814373b985683fde4ca11acecedd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Mon, 12 Jun 2023 07:48:22 GMT
content-length: 44
content-type: text/javascript

Redirect headers

location: https://ih.adscale.de/sium/4208d41e352a46a8910144c46d17e41a/1686556101921/0/js?tpid=48&tpuid=510f7384ccb865e43b5f5a6bf1e6bc42
date: Mon, 12 Jun 2023 07:48:22 GMT
content-type: text/plain; charset=utf-8
content-length: 147
vary: Accept
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8E56 7 KB
6 KB 161ms
83ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff053b557efb62da3a0e423cdb5cad6d0497f0f574aaa2d77d1f2fa71460287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5635
x-xss-protection: 0

POST
H2 200 sium
ih.adscale.de/ Frame 6A5F 0
0 11ms
11ms Fetch
application/json 3.120.85.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.85.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-85-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Mon, 12 Jun 2023 07:48:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A22 0
0 78ms
77ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmzzBE09yDc9MJkqgav-o84D46WXoklOGdNSpOkVrvWEUWK4wRj7t76ESgvQtwdoV0ViSwzqIsElvNI2Hh0zC85vtA4Hu_E9NfDjwkfdTMI0mos5F8y4n66PBhsqdrI_fJDMiU1CCePyuCduBCN8AdwCu1huMxo0SM0mmFfcKf6zjMxt-5QZTpssYReVPoSguV1V94Wx3FOnyDfsXLMdrIH_y_vUgzFIdpoQGn6_NL8r0dFwiBt89QKIOf8ykH2H0xleoKTSt-RIkKuL4tz6yHnpnvXGwt1UIqdETX3um9VZIGn0zlq2L3amyyhE8EVIo-olUkClMH4clx09gYgdnPnveoYNXZ9bjwoFDIpcg3dU-CjIr_8dgBS_1c9yvksDd5Do8KdxaRFTL2qSVDPph4AdaBRdEyJlHBuH3VUiKs1KMS3LaxDjgeBeJkHzJXQlPU9T14rLNohY27AWXd8xNS2bUhAK-G0UZD6DnApWqh8I1jH1ffBRUvC1HqzTt676gKYQ-qddGI5ZRgnl9u0N9wrB_P7PrwSzlMWBl8JvhrvmBeM3Akdbx_uYVkRgIO35tmwR_sT9eJge9DQGAXbID1AnC8VVqPrwa3xuieySGJl0j6lQsMl8eDuNzFohtoQtn5fFVQIsh7IDkIZ7jy8-6WokBTqK78BuYzzGbsxLv4S-y83QyZAOUFixU0RAvgwAMfkID6mT-sGD-mvZNRTOH4Zzf-YPlZ5eTjDQP0jtud3FIV7zjDPSE2VbkfNdjmxTZTfeqUDXj-yF6RWc0Wo_0ealeaA-nxk_s03ZMl-TagH8lCvMbJQzvhR3KFNwfYFz4CxS9zFQugEr7xSN9gk8o4MM2riVYlI4_4H-reWgD5e1YoU0wlJSIuNCUyikZDyryBvB50chXHHs8b6XCbNdRgUi1tgynu41rSxq7uXNDv_CehSO9CQL1l3iadfHkKe31vJaiCIEvHgXmQVF6HiyJKr_wjAv9tDttkcQ86zhIhitarQ2RDVruZ9L-qFA9lGDwYCcfkeoyfxSk4DZvFscev1wya3ZIo-L40G3UJFlHoXT40g6EoD4AqtLM_9kdTw6xLbOPqPNt3XHb_ySvPivgjE_ZQu2X3xOPXXC7rLgH_L6f3UBSTI-QaL-jjrwRcQ_eORg09ACqR-SxhWrqr_EXmG7QeCjMCaZI0HrZKMsD5CYsJmJJ8uOPZHlPhcJJXTbrlmqRR41sDZDvlrzTaKQfg_SqWtcr34A&sai=AMfl-YQ6RuISL3ONAMKQrcH_Tq_67jLXtb1KoW2QWsxiz77nGZpLUmIaYQ5hpXr2zKc-zO1PBED4Af7YwO0CdhocLUgs5kTcy35C5yrQfkB4zi5WlkK1hPxm21g-naw0fRBfpZT20n-eAs31D7ACqc73W6BXJH9anWw1kZryWPbLs7vEwbio7FsCO6nSBNzfTNepBFSv-W2fxMVp&sig=Cg0ArKJSzGK3ZHyaAFyCEAE&uach_m=[UACH]&pr=23:MWM5ODMyZmMzZTAzNDI0ZjyZvZ5lBu6T8wfwBA&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=661&vt=11&dtpt=455&dett=3&cstd=195&cisv=r20230607.80223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 07:48:22 GMT

GET
H/1.1 200
OK logo-joyn.svg Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 8E56 864 B
1 KB 124ms
64ms Fetch
image/svg+xml 52.218.44.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-joyn.svg
Requested by: Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 07:48:23 GMT
Last-Modified: Mon, 04 May 2020 20:14:51 GMT
Server: AmazonS3
x-amz-request-id: S860QMJ4Y7RMKXAW
ETag: "4cfbd49bbe5134d80e544db8176b5503"
Access-Control-Max-Age: 0
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 864
x-amz-id-2: 1DH5p4RW5OY+usuJYAX6lzjO3/fKsVSlWhpK9kuKAC4f4xhpPzeOUJL6b2lsTJVTbpuV3+uG/Bo=

GET
H/1.1 200
OK baseanimation_tt.js Show response
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/ Frame 8E56 26 KB
26 KB 39ms
39ms Script
application/javascript 52.218.44.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/baseanimation_tt.js
Requested by: Host: joyn-creative-hosting.s3-eu-west-1.amazonaws.com
URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/javascript/polite.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f456fcb9ff0a5001fc1e5490ac6b00a1ca581be18ce01842b3f4a70e1924396f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 07:48:23 GMT
Last-Modified: Wed, 23 Nov 2022 14:42:48 GMT
Server: AmazonS3
x-amz-request-id: S867HAY5PM4SJ4SE
ETag: "2aab14abba3899a9aad7a13aacfd926a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 26501
x-amz-id-2: mXK7IRjzOrfLHDCsSnHMQ0O8bMViXk1J5lhnlwxNT3ku/rOAkjMGUvZRqtBNqKpHNOMMylV5lv8=

GET
H/1.1 200
OK logo-plus.svg
joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/ Frame 8E56 1 KB
2 KB 91ms
52ms Image
image/svg+xml 52.218.44.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joyn-creative-hosting.s3-eu-west-1.amazonaws.com/sender/logo-plus.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f9272dfdf03239cf58af5784397ea6611f8a902c28d21c6a1735b77507283c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 07:48:23 GMT
Last-Modified: Mon, 04 May 2020 20:14:51 GMT
Server: AmazonS3
x-amz-request-id: S8655591PFTPSX16
ETag: "6d3478b94a6fd3697605ca78e6f49b56"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1416
x-amz-id-2: 4dSFNghpdD++lCYZKGbG91A7PGViT8y8j4EJ1pugg3M32zDWo9ItD9FiMfiT+sTQlaeSAExamaA=

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E56 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 07:48:22 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 53FE 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jun 2024 14:44:40 GMT

GET
DATA 200
OK truncated
/ Frame 8E56 18 KB
18 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A22 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHmL5mzeAxFFCjjZFZIaN0IdN997HQ7hDr6NzWCgYsMWGQgH8Wu8TYX_Uhukm4DHS0vnZOaGrVeIXLdANq2lSAzjzxmJupnZo&sig=Cg0ArKJSzAg8MJP7dNhkEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686556101827&rpt=829&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A22 0
20 B 72ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4068702364423&version=m202301230201&ct=76&x=23&cor=12315770389330393000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 07:48:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fastshare.live/	1970-01-20 22:05:16	Name: FS_msg Value: 465f751c637a5a95718c5472b68d19666e6404e8
.fastshare.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: 15mc2d8sqneuakg050otjt15s0
fastshare.live/	1970-01-20 21:14:52	Name: popupseen29 Value: true
.fastshare.live/	1970-01-20 22:05:16	Name: lang Value: cs
fastshare.live/	1970-01-20 22:05:16	Name: FS_bd Value: bbae4d0175f6800f75c8cff6fe9fa48fe556a460
.adscale.de/	1970-01-20 21:11:32	Name: cct Value: 1686556101815
.adscale.de/	1970-01-20 21:11:32	Name: uu Value: ee71fb4292144a0a93f3660c2b2a3af9
.casalemedia.com/	1970-01-20 21:14:52	Name: CMID Value: ZIbNxu14gwTPI9QHDTcaIwAA
.casalemedia.com/	1970-01-20 14:38:52	Name: CMPS Value: 1188
.casalemedia.com/	1970-01-20 14:38:52	Name: CMPRO Value: 1188
.doubleclick.net/	1970-01-20 21:50:52	Name: IDE Value: AHWqTUkGNGTWw74kPUv-QN4Ek7w7H5VyZtUOaGcASSrm0S7WX8af0YlWRUIAqqvKieM
.adform.net/	1970-01-20 13:12:28	Name: C Value: 1
.adform.net/	1970-01-20 13:55:40	Name: uid Value: 3982707528119929119
.criteo.com/	1970-01-20 21:50:52	Name: uid Value: 3b85349e-c134-440c-b1db-4f5637208534
.m6r.eu/	1970-01-20 12:29:19	Name: test Value: true
.m6r.eu/	1970-01-20 14:38:52	Name: cct Value: 1686556102793
.m6r.eu/	1970-01-20 14:38:52	Name: id Value: 510f7384ccb865e43b5f5a6bf1e6bc42
.ih.adscale.de/	1970-01-20 21:11:32	Name: tu Value: 4#4055032132#48~510f7384ccb865e43b5f5a6bf1e6bc42~468487~0~0#101~BBID-01-03612701020225408-16942968~468487~0~0#38~CAESEJU04EMjyHHveNzP0VzfTak~468487~0~0#39~~468487~468487~1#40~3b85349e-c134-440c-b1db-4f5637208534~468487~0~0#42~3982707528119929119~468487~0~0#60~~468487~468487~1#63~ZIbNxu14gwTPI9QHDTcaIwAA&1188~468487~0~0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbnaut.ibillboard.com
cm.g.doubleclick.net
dis.criteo.com
fastshare.live
fonts.gstatic.com
gaa.adscale.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ih.adscale.de
joyn-creative-hosting.s3-eu-west-1.amazonaws.com
js.adscale.de
match.adsrvr.org
pagead2.googlesyndication.com
s0.2mdn.net
ssum.casalemedia.com
sync.mathtag.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trx.adscale.de
www.googletagservices.com
142.250.186.130
142.250.186.98
178.250.7.11
185.29.134.244
185.80.39.216
194.213.62.34
2600:9000:223f:6400:f:4f64:8940:93a1
2606:4700:20::681a:877
2a00:1450:4001:802::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
3.120.85.171
3.125.12.184
35.71.131.137
37.157.6.243
52.218.44.114
52.58.181.73
99.83.169.100
04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379
09138afb7dac7376290f52d4f5d8682090f05677b96a2465714238563297c33e
1050165dcc099defdc2401c20a0083d6784c21e46ef87ef1cfb310794cfa1494
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1289b0ca0ad0ea781b1b94195bbf47ec2e7f7fee907a6f99856255d4438e02c0
1e430bd1c5cc3d579824822786e7605d36ac37a8b44f8b99480b00cb045917de
2fb940b87ed9001f6562d79e7121997ea213f0fb27073348dcf30c51285d7c3a
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3412094a8e56da93c6910b03d47b63d0c4b793cd364e7f23a43020198568701a
44718d713af08035d3f9d246d249df63ed5d433a1d8571429241de984c0c4dd7
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
58b44d975e1e1f0664d0fb8ab5b2918d08e9497324a021aa93de5894cdb586d4
59cd3b2612641454b82e5baf052344779681b87c05a686727a9e79fafc4d1c9a
5e2fe4d6dcbe16c671130fb561b80b79111fd786b83d893e8256ed96b38dd258
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
70072788613bde80533a3cb95d5a16c924011004b1d861093610379370beb859
767cc77d6ceda31c77a4b83c3153d69045643e9b369558a91e385c98769fdee2
8695956c55e8679652a5e34279fbcf353078c3883143582a847b8a26a50a3774
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff053b557efb62da3a0e423cdb5cad6d0497f0f574aaa2d77d1f2fa71460287
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
a59ad4aa0ce622dfa0ec74844ee996f7a1ef879dca71d4c8513a5ed51b7063fc
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
ae82507852468a5d918f7be47840b1b507f09e3f7664c8af9f338b804b44f99d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be2da464f8c287bcde8d46a24c1c6bb2139ecbf17dbe339c26ba76a5c9c0d9
b2dc8641cae7c9da5e18a7136802a48be4d9aa19368eeb606e01f6158e9577b8
b4059bde1907b5baf447e190cce3dcce7116814373b985683fde4ca11acecedd
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
d11bde9cf7b5a94f974c24776947ebc94064e857d98453e719058b7498820675
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
e0facfd3e5a4f567807582ac481d2b84d5b5faf19c4829bbfd4d801bda9cf425
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e899c9499a4aca16b1687b5f40517cdc2f5b5ab8b066b28f7b7e4aacd21371e7
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39a0175c3d0e75062d1c7e9bda482515e7f25a9a63363de116f416afe821526
f456fcb9ff0a5001fc1e5490ac6b00a1ca581be18ce01842b3f4a70e1924396f
f9272dfdf03239cf58af5784397ea6611f8a902c28d21c6a1735b77507283c31
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

fastshare.live Open in urlscan Pro 2606:4700:20::681a:877 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

91 %HTTPS

38 %IPv6

15 Domains

21 Subdomains

16 IPs

8 Countries

2644 kBTransfer

3664 kBSize

18 Cookies

2 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fastshare.live Open in urlscan Pro
2606:4700:20::681a:877 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

91 %
HTTPS

38 %
IPv6

15
Domains

21
Subdomains

16
IPs

8
Countries

2644 kB
Transfer

3664 kB
Size

18
Cookies

64 HTTP transactions
1 data transactions