www.file-upload.in Open in urlscan Pro
104.21.51.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/rjgdqhjt7oy7
Effective URL:
https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Submission: On September 27 via manual (September 27th 2023, 10:52:21 pm UTC) from RO — Scanned from CH

Summary HTTP 193 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 28 domains to perform 193 HTTP transactions. The main IP is 104.21.51.85, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.file-upload.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.

This is the only time www.file-upload.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	169.150.247.39 169.150.247.39	60068 (CDN77 ^_^) (CDN77 ^_^)
3	104.21.51.85 104.21.51.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	104.16.133.22 104.16.133.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1 16	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	18.66.127.127 18.66.127.127	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	54.77.82.203 54.77.82.203	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
21	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	54.76.72.139 54.76.72.139	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
4	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2 3	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
2 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
1	13.225.78.121 13.225.78.121	16509 (AMAZON-02) (AMAZON-02)
5	35.166.194.19 35.166.194.19	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
193	39

1 188.114.97.3 (Italy) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.96.3 (Italy)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.247.39 (Charleston, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-39.bunnyinfra.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.51.85 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.16.133.22 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (Los Gatos, United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 216.58.206.33 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (Germany)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.72.139 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-72-139.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.46 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.196 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.26.193 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-121.fra2.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.166.194.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-194-19.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	350 KB
32	demand.supply live.demand.supply — Cisco Umbrella Rank: 42647	40 KB
26	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 bid.g.doubleclick.net — Cisco Umbrella Rank: 1063 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	320 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 775705	548 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	328 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1083 static.adsafeprotected.com — Cisco Umbrella Rank: 851 dt.adsafeprotected.com — Cisco Umbrella Rank: 765	106 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	162 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	114 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	2 KB
4	google.com 2 redirects mts0.google.com — Cisco Umbrella Rank: 6671 www.google.com — Cisco Umbrella Rank: 11	126 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	33 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 668 www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	38 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	173 KB
3	file-upload.in www.file-upload.in	11 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	115 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 640	7 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	32 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1393 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	147 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12920	10 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 984	566 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724	3 KB
1	file-upload.com 1 redirects www.file-upload.com	432 B
0	alexametrics.com Failed certify-js.alexametrics.com Failed
193	28

	Domain	Requested by
32	live.demand.supply	www.file-upload.in live.demand.supply client
22	www.file-upload.org	www.file-upload.org www.file-upload.in
21	tpc.googlesyndication.com	www.file-upload.in securepubads.g.doubleclick.net 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
18	pagead2.googlesyndication.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com pagead2.googlesyndication.com www.file-upload.org tpc.googlesyndication.com fw.adsafeprotected.com www.file-upload.in securepubads.g.doubleclick.net www.googletagservices.com
16	securepubads.g.doubleclick.net	1 redirects live.demand.supply securepubads.g.doubleclick.net www.file-upload.in
15	cdn.ampproject.org	securepubads.g.doubleclick.net
6	s0.2mdn.net	www.file-upload.org s0.2mdn.net
5	dt.adsafeprotected.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com www.file-upload.in pagead2.googlesyndication.com
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
3	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	connect.facebook.net	www.file-upload.in connect.facebook.net
3	www.file-upload.in	www.file-upload.org www.file-upload.in
2	googleads4.g.doubleclick.net	www.file-upload.org
2	www.googleadservices.com	www.file-upload.in
2	www.googletagservices.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.file-upload.in www.googletagmanager.com
2	images.dmca.com	www.file-upload.org www.file-upload.in
1	stags.bluekai.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
1	static.adsafeprotected.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
1	mts0.google.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
1	www.gstatic.com	264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.file-upload.in
1	ssl.google-analytics.com	www.file-upload.in
1	www.file-upload.com	1 redirects
0	certify-js.alexametrics.com Failed	www.file-upload.in
193	43

This site contains links to these domains. Also see Links.

Domain
www.file-upload.org
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.org
www.file-up.org
www.dmca.com
safeweb.norton.com
sulvo.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Frame ID: E445041490B36208CDB696647E2DC17D
Requests: 96 HTTP requests in this frame

Frame: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27E18C05B54EAEE85C45D599186F9DC9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: 4CCCC8F1102989D55F7AD57FF3798F08
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: 100D7A962E07E6E704810A2A5AB2E6A4
Requests: 12 HTTP requests in this frame

Frame: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17F918672FB0F0D98199D5064E1D9A15
Requests: 27 HTTP requests in this frame

Frame: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 87BC012A9414EEE194C2CEDB192FA51C
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: F515C6AD9FFA83ED27F79DED9C142736
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
Frame ID: 22D010ABE2D861C08BDD299F03E6B524
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCx8IABGNy82eIBMAE&v=APEucNVn3V90_ueEKQbXoJhhQ5JsODH1dnN_cbplAvnLvJgPJIdIC_gZFvU69Gju1cN26tctukubYRMjoDjo0L5--Vna3dxAfA
Frame ID: 78CF79DE5B7AD635CFD059080728D569
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zoJWBzK8T3bx0gS17Fy3cZjSCDkxpLbxY97VcN3Od5s.js
Frame ID: DE192A25C5A131701B15AF0CD7293119
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A5F70C5F4D74FD95578D2E33C72133E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 833AE3BB8306F6D68F32286F9DC9997E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250
Frame ID: 3722835A9A1C134A8729EEDDF3EE5BDC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFD969C401B46251DFDDB03D1F5D77CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF3A2242A2E937920B888F0DAB664712
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/rjgdqhjt7oy7 HTTP 301
https://www.file-upload.org/rjgdqhjt7oy7 Page URL
https://www.file-upload.in/file.php?get=rjgdqhjt7oy7 Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

193
Requests

95 %
HTTPS

0 %
IPv6

28
Domains

43
Subdomains

39
IPs

6
Countries

2686 kB
Transfer

6926 kB
Size

26
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.org/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.org/rjgdqhjt7oy7
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.org/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.org/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.org

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.file-upload.in/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/rjgdqhjt7oy7 HTTP 301
https://www.file-upload.org/rjgdqhjt7oy7 Page URL
https://www.file-upload.in/file.php?get=rjgdqhjt7oy7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/rjgdqhjt7oy7 HTTP 301
https://www.file-upload.org/rjgdqhjt7oy7

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1

Request Chain 156

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRSyIncneGg1-GKRYCVOLgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1

Request Chain 162

https://securepubads.g.doubleclick.net/pagead/adview?ai=CDkdAILIUZZr4CPSM1PIPr4imqAHW9eDRccnB6s-BEWQQASCVm8ohYPWVzoHgBKAB3NjF1QPIAQmpAgB3GZzURLI-4AIAqAMByAPLBKoExQJP0MZVtzxn1412Iy-o8f1sNnGTkAqmOdQCAV9eEi9TOlX2V3hZtqbQUF7XzZvlfAehn1eTuq1O88X_pKgiaqMUogttFN5cBLk2dzzrllMow3F4yDiKtE6j-UkCYUq0765ofKQcHp6qbMJN514Dswsz3lXQDNzymslfXWdSUn6hGVuOB1DzkdDrUgMMEX4xnUvRUnG4WBJfFm0rzwQDvLISGDxlkU0eAbJvDYj3Y5M-y1c4BjanTQT5GIHIp9_7O9VC7PR4U-0-blfRkW5HEe1L40qDKP5211_Dmeyo_X9xBmCuTJQzv-fxO05r_JdmmpEDAsbQs7qGJuGO3GxM5pNM1OtMmpdsqd9WkPv4wsX7DBCtYr9hlq59-tmtTEM-_9mX01WaGIdoVnCwnBBT1aSyubxCu9SvdTvy-MS-tGinQ90t4-CAwATu0L7LjQTgBAGIBY3MzKJDkgUECAQYAZIFBAgFGASgBi6AB4ynuiqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD_wwvSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJJ2h0dHBzOi8vd3d3LnBmaXN0ZXIuY2gvZGU_Z2Nsc3JjPWF3LmRzJoAKA8gLAZgMvcL1zf4D2gwQCgoQkJu35bXWq5xwEgIBA-INEwiAy-rX8MuBAxV0BlUIHS-ECRW4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=jYPuIQSd3rQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNOMcpEKlyt0oHOAfQk1xmR86Xiw1MGVFts531A7NHVQQQSvJmKMeGk1M3-gueceJflOgaHj5ZF67iW_6PqXncp91TCWlbvxgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7fe09cc22d90d8f50000000000000000%22,%222%22:%220xdd913cbace09cbd90000000000000000%22,%223%22:%220xc54c8c93252f75e70000000000000000%22,%224%22:%220xa90d195c63ba23cb0000000000000000%22,%225%22:%220x1420a8472557dc750000000000000000%22},%22debug_key%22:%221216578075565985896%22,%22debug_reporting%22:true,%22destination%22:%22https://pfister.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22984706140%22],%224%22:[%2209-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210929239230731667313%22}&andc=true

Request Chain 166

https://fw.adsafeprotected.com/rfw/bgd/1380004/69892548/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbCcFkopQ0RX0ztZYi5rGn5c9V1MJGZ2BM_nZZ8Q2KlzYZ5jTfFATgmKnjOK3pDcNCInzW15vQmwodf7mv7kp4vLU0rJkS9VI3oJ4S2RcAoCZ_4MNeQDjZd2lbkrD9I28fO1hHoaoGIXnOlcOAaCDFQevy59i42yoRYaNYJ0iXf-h2l2IYPhI9S_Ao0-mN8ylhmIjARAmvAvxHOlhtONi3y54KDyMYL-zCkxcWr7RQ4i8X_kbZ-t4zgBKYv-yqu_0CQZ6CIXPvvXU_w3g_3wNcAMoGGNjjakhQLgZqnwI-sFcg7QKwdd6mqMpuOHfm1RtbBAx5lO9dWx0IRNa8tv1O3jMEtG4Rl7ccJq3Kozid1JnJBLHKsg8Kg3PXdF1qSl64H1-4oN5NGfzkagkqZxK7T0waOsKR5So7US-ti2qLwCz4W6zgPfyDM4rS9EGDtZZR7fnsML9HXWNNqo8eXj-wdJIeJ1TAlrD0Lcj2Ng-PZfEpAYki96HfAcYscvswxAiXGBnBlKfZcrDP1K_sA8eMDho-qjx4C5rMxo03CTbJF-o5RX5M_389l4BjMR257cPsW2IdpxAEeW_VoNV0nX-PQH04iXQ_N0NR83U8c5aL9igTOQWZFEfLpPB42SGxtFr9aRBsd6-ikWUBk1pcCxxoUEL0hdtifw2URpcKPfYjbVU55_UiCprYlzQdit8pJdcCW-Cqp8KRM8kCOcpGHFU__-fxl2Gp8Q2S6UXBMlH81ItarfqkcBnQYkv0zcFFVYgXpZuEYKr_h-eYIUBQVcGWnStqLp5lChcJAjuRU2N42Tssgu3-832pyJoQVuTLC8BU8qX36zUCRR6WwexIPjtC8Cb_703tD8-qS4ohTjGouYm8vG4oDxqIVLx_QjBOnvMTtlG8F31iRTb57KE6aGLJmluFQpCxpcoRfENNQqU8VBYrsFTjL5ZQn5qdZXc1xg230_yUmMFPhOpZdbSxEECqdsEDXyk7nOXilxhIKQu-CXuFSOsClnbceVESLTQnWeXATouG0uOrlgXDC7elgH-z0ZOKfE0XN4ygOr9TtI-Fn11v3vwGxgw4NvzsaW6uYsqduJJKWbD8f7V0leKC2UNiF9Nho5KgX6p7bgvWh9_qQPzS2xtlx5WMnHHQFqe6PypaQu55w3e3AQWVTcM5Xjzd-hrm900VnykMyRmT069MgkycYF5x6SigEIQRlWryjt5-D5qSKTlTN0iMB8r8oyCaVo-Vfx0eCCMdvGyWVty_YTknTe9R_p-3GF195WsOT1B9Xt27rP3Yr94TZstuE9vD5p5-xLJSUSb5uG96ZpD4KWO7InKS0ripufaeDqs-Nxpw4AT7ymHPlPYSedwonUyTKAaXBC-3dyl10OBFec73ppgfq5-BJfVSaahmmXSzsLzSOQ5h8duesCayYhnP81OoSROAfYiYUBQbhwYzfws_6cFkoECl1bh2WYRBX3wRdsxWcQnNdPoHUWB_vdsK8M6rg2R-QnzbXHzyaPxyFmZ4rclsI4BE8Z5DyRYg809cFzuGp8PG-oW1Fc0htt5-gc5-TX32TWntYzlIrwjKviggHIYlEICys6-GKgk-E60YXBEy3A3Bz-TzABWU1FaLibcNZKJ9DSqgGo5qnIVpAGXvtuguUZxO0cBiEHTp4jPsTpJyXwGWGHt8b2gD35QFDlQ_sW2fBRaiZ6CgBa8BKUKL2UrPW4ByExb7smwsuHTEcxHg_D6CO18T77rQHGAGNGC9wtN7Dqv4yOwLPFqXexV3FrrRST6MQyiP6kh01lFwKvLqe8DCrWlfi12pMoxGdTX9fdUCzAlPnWXV2hVLAnalhCk0CzihxcE5kibcWNkNDxgTFZDvh3E90513BIeCd5jLqXZICU6WEA6VqqWlk63fU0YtrraYwlJn8WH46IGCP4UneVwwtu4JD85WNp8PbtJFhE8yKQgm99OpmP3mckLcm56hRXX4bAl2JdpG7NQEMKyWoCy51n4VSuE2JeFgqA0vjLIZNjQWM6gwQYN7mT3BEG2vWoRUur8qVq9kfVlU6p5FgyN1-at-nDPvmqUAEpuWJgQUSQdFFBspsstSp7HyIY_Q5T5Y2-bEu0sAJ7hYC8Jz6b1GTQhW2M2Rg4DpyDTYpjYAWwYtuRXkzqeF0Vt8jHHLs-fbaoyvQ9NjCvG03TJXI37QVWn3wrVM5UHdnUJMHRNUapzgw1iThvdAJCKSnW2E4JVvdcIn2oYpuaFDOFI0-PgOX39rHmIb0rV5HdcR018ecIlhJ39-4-QnYtvI_fbracFiHjQvQIl6YaViQgxo-vqgvKv87R6vQ3OEGOMGz3EUudlU7vMuLP5e39o7q5CdcVxsbymJduNI0_EbAiYU1LHMipuhf2inqJc3K5VO1drsWVMh-CAZ3PG1-RKJc2vqEayKK7Ys8JLpwnmV-aXvEnNJTq29yyTh9_8BZn3mjLAfqXWTiQ-U1dLhFCl0KJKkOTj4RH-rkhDhIDmcV5ezCGhHsq9ZUhHFviM85vtWlWGoZ00lkwyUYGlyZLlEkkeASSoW7Dhj8dIDF98lKlP-XszgKUfDn0BWiJ2yAWsoiWXB_SkduIpuk6H_LqTy_yoAVDoTapmlJ9sFDMPHL7CevtiUvrCfIQpFMgdWjBAsoCb8Vv18mgcZYAEK-kkLCrnaoDnI2pXN84QeP0EEirzdNiajbjSFacwzz1pJv4uhbw_NKq7_lgX7QF3BolGn9bKXLIQKrLy4f3lvLH_aFayalxCZhxINQHKrCxvb8aj1kerNuntZoOH8dWuuyigRxC_ebAek9is8v8i-aQ5go7elxdAVXfGXmRnmMbrZvTzRVNOWk0etH0SYB7EaHy1KSTYOLU6wADUEK4T7oASYRiOg1s49sutM3Oyh-EW31lMQ7Cv12kmLPCNK1byuRTJ_URXD0Tdcz-qOdMJOPOErMFzS_hKnccHw9sKC5lvNa5kFptmaoYykov0apSczpwmw9hyIszXNfMYobF--0cy8PaMXuptD6sOzZmZAU-neTVWuekGXDkIZ9W-FPpZOJPVA37lrFIhepKJJb1LPgcwOaKdQonZftJDzy3dl5g8l8Zsqs9zp4PtYObUaybzMqsr3_0r11ziGEKh86eONDgWNdKTht8jXaiKw3d6-uCEw0dTgcpIiyKTNahRMdZFS3_B1cthwE_JpTjieb1DApxw-yYscl3hSWkZjasZJXxPuErUCfMIFRloOLk25G0egM26dDRJwN3hLbO4YYdztzXmfC1K5pJwEqvXWUzZrQ7cb59l5OVqr0lVTojF7yon-auwjOMuXlDKhVWI74mIW4cyiaTPb4ubTREReVUkICgG55onYe2HRzN5dUXzrS-3aZ-Qdfh4MOYo-F0jSzIXxRztthD5Y71nrvEOy26SlkTRLWOjs0SF5qH6E7jo48pvAPaZVsN21EAXghAgER7DnW15PGcngjR7x3OzEXsbsrXClzDjObjCKgsBASGOyyF7-mVnESXmuMlKUaI-IllrFwn2G8tB5cmJVbEbmGTozEe0oXdg2H3hzyDkCAc4O5wri4px6gTFrLgClSzovYCETDnowulyrqsvztGTHZ1PCJJHQhwG2H94x485UImWoO5eiobEN9XC-m_bv2e3l9DLbly8CazOFTJOFx28-CNL4cuzNieOLfdwbbYAHiEX2xBLla9sOVPKg9ZO2JgQyDr2dg-KgSYOILu_ZepPt0V10ZAEK-euB5ggvyY6GI3FQUwxHp_bNmqcs6A9R7v_pOCGlP2K94vFXdbI4PW781HZnmGOZJcK30NqvaQTut9sggLst6XVVArthxkG7FPngLsnzOEfOpSG0IwkXf2SdDgJSV6vdjGZgp010cnfbIwEUnVg0mAdV3Pi21mcS50385vp8lMHGZAlkdSzu2JRoxXgXRaF3JxMMjAGVJUaNeSmTEmPHp6Xjm9VF0I0n1D2B2EloXwOTaa-x0qJAggvvxzaHlBP4gBreYwAFjRDge9Vj1kHJn9Am_MYE7bERvnP_GrVivBsLlG8tzjZ3WU0888kVzw2ORuc8KtVAZZV9SAI_9OKZahR8tzt-X97qNgdG2Y8U9BdqPTAodnEcgOkzPRal1rJDNZLNaYllCUgpiH6GTZ-SM9H7-sbbS2JiS-gaUQgEEksAyAmmjSWxc7vQsXuwDDUOnlcVuLxV7rT_msKdiSIwgcywASy45NoUuF4zV9gyMWHVDCd-iLKYHMbgLSGHLIhKY_HfgHqZ4GliMFAYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1010763377&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19758437279&bidurl=https://www.file-upload.in/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jW7nSZpzE-2Wr1hAzfcJlY&adsafe_url=https%3A%2F%2Fwww.file-upload.in&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.file-upload.in%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7806fc09-3a36-65c5-5bb6-088ea9aee039,c:psHYjV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-w6lgk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tR6jkMq+11%7C12%7C13%7C14*.1380004-69892548%7C141%7C151%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:81d3063d-5d88-11ee-8ab9-1e823bddd2ff,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbCcFkopQ0RX0ztZYi5rGn5c9V1MJGZ2BM_nZZ8Q2KlzYZ5jTfFATgmKnjOK3pDcNCInzW15vQmwodf7mv7kp4vLU0rJkS9VI3oJ4S2RcAoCZ_4MNeQDjZd2lbkrD9I28fO1hHoaoGIXnOlcOAaCDFQevy59i42yoRYaNYJ0iXf-h2l2IYPhI9S_Ao0-mN8ylhmIjARAmvAvxHOlhtONi3y54KDyMYL-zCkxcWr7RQ4i8X_kbZ-t4zgBKYv-yqu_0CQZ6CIXPvvXU_w3g_3wNcAMoGGNjjakhQLgZqnwI-sFcg7QKwdd6mqMpuOHfm1RtbBAx5lO9dWx0IRNa8tv1O3jMEtG4Rl7ccJq3Kozid1JnJBLHKsg8Kg3PXdF1qSl64H1-4oN5NGfzkagkqZxK7T0waOsKR5So7US-ti2qLwCz4W6zgPfyDM4rS9EGDtZZR7fnsML9HXWNNqo8eXj-wdJIeJ1TAlrD0Lcj2Ng-PZfEpAYki96HfAcYscvswxAiXGBnBlKfZcrDP1K_sA8eMDho-qjx4C5rMxo03CTbJF-o5RX5M_389l4BjMR257cPsW2IdpxAEeW_VoNV0nX-PQH04iXQ_N0NR83U8c5aL9igTOQWZFEfLpPB42SGxtFr9aRBsd6-ikWUBk1pcCxxoUEL0hdtifw2URpcKPfYjbVU55_UiCprYlzQdit8pJdcCW-Cqp8KRM8kCOcpGHFU__-fxl2Gp8Q2S6UXBMlH81ItarfqkcBnQYkv0zcFFVYgXpZuEYKr_h-eYIUBQVcGWnStqLp5lChcJAjuRU2N42Tssgu3-832pyJoQVuTLC8BU8qX36zUCRR6WwexIPjtC8Cb_703tD8-qS4ohTjGouYm8vG4oDxqIVLx_QjBOnvMTtlG8F31iRTb57KE6aGLJmluFQpCxpcoRfENNQqU8VBYrsFTjL5ZQn5qdZXc1xg230_yUmMFPhOpZdbSxEECqdsEDXyk7nOXilxhIKQu-CXuFSOsClnbceVESLTQnWeXATouG0uOrlgXDC7elgH-z0ZOKfE0XN4ygOr9TtI-Fn11v3vwGxgw4NvzsaW6uYsqduJJKWbD8f7V0leKC2UNiF9Nho5KgX6p7bgvWh9_qQPzS2xtlx5WMnHHQFqe6PypaQu55w3e3AQWVTcM5Xjzd-hrm900VnykMyRmT069MgkycYF5x6SigEIQRlWryjt5-D5qSKTlTN0iMB8r8oyCaVo-Vfx0eCCMdvGyWVty_YTknTe9R_p-3GF195WsOT1B9Xt27rP3Yr94TZstuE9vD5p5-xLJSUSb5uG96ZpD4KWO7InKS0ripufaeDqs-Nxpw4AT7ymHPlPYSedwonUyTKAaXBC-3dyl10OBFec73ppgfq5-BJfVSaahmmXSzsLzSOQ5h8duesCayYhnP81OoSROAfYiYUBQbhwYzfws_6cFkoECl1bh2WYRBX3wRdsxWcQnNdPoHUWB_vdsK8M6rg2R-QnzbXHzyaPxyFmZ4rclsI4BE8Z5DyRYg809cFzuGp8PG-oW1Fc0htt5-gc5-TX32TWntYzlIrwjKviggHIYlEICys6-GKgk-E60YXBEy3A3Bz-TzABWU1FaLibcNZKJ9DSqgGo5qnIVpAGXvtuguUZxO0cBiEHTp4jPsTpJyXwGWGHt8b2gD35QFDlQ_sW2fBRaiZ6CgBa8BKUKL2UrPW4ByExb7smwsuHTEcxHg_D6CO18T77rQHGAGNGC9wtN7Dqv4yOwLPFqXexV3FrrRST6MQyiP6kh01lFwKvLqe8DCrWlfi12pMoxGdTX9fdUCzAlPnWXV2hVLAnalhCk0CzihxcE5kibcWNkNDxgTFZDvh3E90513BIeCd5jLqXZICU6WEA6VqqWlk63fU0YtrraYwlJn8WH46IGCP4UneVwwtu4JD85WNp8PbtJFhE8yKQgm99OpmP3mckLcm56hRXX4bAl2JdpG7NQEMKyWoCy51n4VSuE2JeFgqA0vjLIZNjQWM6gwQYN7mT3BEG2vWoRUur8qVq9kfVlU6p5FgyN1-at-nDPvmqUAEpuWJgQUSQdFFBspsstSp7HyIY_Q5T5Y2-bEu0sAJ7hYC8Jz6b1GTQhW2M2Rg4DpyDTYpjYAWwYtuRXkzqeF0Vt8jHHLs-fbaoyvQ9NjCvG03TJXI37QVWn3wrVM5UHdnUJMHRNUapzgw1iThvdAJCKSnW2E4JVvdcIn2oYpuaFDOFI0-PgOX39rHmIb0rV5HdcR018ecIlhJ39-4-QnYtvI_fbracFiHjQvQIl6YaViQgxo-vqgvKv87R6vQ3OEGOMGz3EUudlU7vMuLP5e39o7q5CdcVxsbymJduNI0_EbAiYU1LHMipuhf2inqJc3K5VO1drsWVMh-CAZ3PG1-RKJc2vqEayKK7Ys8JLpwnmV-aXvEnNJTq29yyTh9_8BZn3mjLAfqXWTiQ-U1dLhFCl0KJKkOTj4RH-rkhDhIDmcV5ezCGhHsq9ZUhHFviM85vtWlWGoZ00lkwyUYGlyZLlEkkeASSoW7Dhj8dIDF98lKlP-XszgKUfDn0BWiJ2yAWsoiWXB_SkduIpuk6H_LqTy_yoAVDoTapmlJ9sFDMPHL7CevtiUvrCfIQpFMgdWjBAsoCb8Vv18mgcZYAEK-kkLCrnaoDnI2pXN84QeP0EEirzdNiajbjSFacwzz1pJv4uhbw_NKq7_lgX7QF3BolGn9bKXLIQKrLy4f3lvLH_aFayalxCZhxINQHKrCxvb8aj1kerNuntZoOH8dWuuyigRxC_ebAek9is8v8i-aQ5go7elxdAVXfGXmRnmMbrZvTzRVNOWk0etH0SYB7EaHy1KSTYOLU6wADUEK4T7oASYRiOg1s49sutM3Oyh-EW31lMQ7Cv12kmLPCNK1byuRTJ_URXD0Tdcz-qOdMJOPOErMFzS_hKnccHw9sKC5lvNa5kFptmaoYykov0apSczpwmw9hyIszXNfMYobF--0cy8PaMXuptD6sOzZmZAU-neTVWuekGXDkIZ9W-FPpZOJPVA37lrFIhepKJJb1LPgcwOaKdQonZftJDzy3dl5g8l8Zsqs9zp4PtYObUaybzMqsr3_0r11ziGEKh86eONDgWNdKTht8jXaiKw3d6-uCEw0dTgcpIiyKTNahRMdZFS3_B1cthwE_JpTjieb1DApxw-yYscl3hSWkZjasZJXxPuErUCfMIFRloOLk25G0egM26dDRJwN3hLbO4YYdztzXmfC1K5pJwEqvXWUzZrQ7cb59l5OVqr0lVTojF7yon-auwjOMuXlDKhVWI74mIW4cyiaTPb4ubTREReVUkICgG55onYe2HRzN5dUXzrS-3aZ-Qdfh4MOYo-F0jSzIXxRztthD5Y71nrvEOy26SlkTRLWOjs0SF5qH6E7jo48pvAPaZVsN21EAXghAgER7DnW15PGcngjR7x3OzEXsbsrXClzDjObjCKgsBASGOyyF7-mVnESXmuMlKUaI-IllrFwn2G8tB5cmJVbEbmGTozEe0oXdg2H3hzyDkCAc4O5wri4px6gTFrLgClSzovYCETDnowulyrqsvztGTHZ1PCJJHQhwG2H94x485UImWoO5eiobEN9XC-m_bv2e3l9DLbly8CazOFTJOFx28-CNL4cuzNieOLfdwbbYAHiEX2xBLla9sOVPKg9ZO2JgQyDr2dg-KgSYOILu_ZepPt0V10ZAEK-euB5ggvyY6GI3FQUwxHp_bNmqcs6A9R7v_pOCGlP2K94vFXdbI4PW781HZnmGOZJcK30NqvaQTut9sggLst6XVVArthxkG7FPngLsnzOEfOpSG0IwkXf2SdDgJSV6vdjGZgp010cnfbIwEUnVg0mAdV3Pi21mcS50385vp8lMHGZAlkdSzu2JRoxXgXRaF3JxMMjAGVJUaNeSmTEmPHp6Xjm9VF0I0n1D2B2EloXwOTaa-x0qJAggvvxzaHlBP4gBreYwAFjRDge9Vj1kHJn9Am_MYE7bERvnP_GrVivBsLlG8tzjZ3WU0888kVzw2ORuc8KtVAZZV9SAI_9OKZahR8tzt-X97qNgdG2Y8U9BdqPTAodnEcgOkzPRal1rJDNZLNaYllCUgpiH6GTZ-SM9H7-sbbS2JiS-gaUQgEEksAyAmmjSWxc7vQsXuwDDUOnlcVuLxV7rT_msKdiSIwgcywASy45NoUuF4zV9gyMWHVDCd-iLKYHMbgLSGHLIhKY_HfgHqZ4GliMFAYAWAB&cry=1&bundleId=

193 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

rjgdqhjt7oy7 Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/rjgdqhjt7oy7
https://www.file-upload.org/rjgdqhjt7oy7

27 KB
7 KB

570ms
105ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeff6b59707db5ecf56a1bcc8073c800da4778774e5f9a3bb81a3e75dceaebe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80d750d6badd5b8d-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 22:52:13 GMT
expires: Tue, 26 Sep 2023 22:52:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZVFPjpVIvq1j7LT3TQ3fpBM4Zk1LmDz4%2FFoDeBRc3daU1ycoeBcdTe%2Flsu%2FtzLuM41A77ip%2BWtGremqGF6BiIImNkYxKxvK6rHk4QW7jjIcQf%2BObPcIvUlFItltTb1fpR%2FE%2B8Wo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80d750d359de2297-CDG
content-type: text/html
date: Wed, 27 Sep 2023 22:52:12 GMT
location: https://www.file-upload.org/rjgdqhjt7oy7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok7AK836EI%2FhHXMwvbQOC3N1mikSfAImG4zOmxl0qqVdQIstGo0K95NZgfj%2Bh%2BcCNnHU4rDyySIkLeLHnrPPyJSF1dIwXnLMP8HaEdgXYAmWTfqskN4hdDan7x5n3w2Mx29pN5XS"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 70ms
67ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788718
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqlOURRIBgtnMInOYptldrs3G8zhs%2FpC%2BgqNwWPLIxkXY0TAPCLwt4uKIbopw6vR6J4H%2BgIJiXXIaTtMMgBtIwrGVrbuDd7JZdnLH8iFJL7mUkEIVCh3JrAwdZB1zztPTLn9RVOa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80d750d77b4c5b8d-VIE
expires: Fri, 08 Sep 2023 06:00:15 GMT

GET
H2 200 app.js
www.file-upload.org/mngez/js/ 235 KB
80 KB 130ms
129ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQhjBoWu6reNO1SWp7VsNQrncY3KzKlfkIbl0eHD9LUaxnLaEXAEby8EhdKUE%2F4Rbfnw%2BybX2FkNGgqXMz67W4e79q5goEufQ1yt0CNeLj0EO3bmIyzViPDVD4UICcfgtPADsMna"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80d750d77b4d5b8d-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 45ms
45ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788717
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7xuzb7AWZgaWuijp%2BrnWM1w0NjxYP5GdYPTCiZFwYrw3DBtcJVlkm9l2PC6u14l7%2FWJ0KOdGoWQyyB6Gtz5SdLl%2Fy3GkXtHQEqtFge9vm9BRF6DW5NOvlx4%2Fp6kNcsppSWTqxuG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750d8cbdc5b8d-VIE
expires: Thu, 14 Sep 2023 06:00:16 GMT

GET
H2 200 email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1011 B 120ms
120ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6511af19-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xeoy8ERe3aFooAvaZ6pwPRO6S6kna%2F10VS2HTenNgSrlLZIfv7lnBCtz4Lq3rTai2dc1YGxWdbiWtvICpVwB57xAgw0S6S5E5iI55hkNvcgMDqJK7SlQcPvWMmXTDdzOVHPS9fHM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80d750d80b765b8d-VIE
expires: Fri, 29 Sep 2023 22:52:13 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 77ms
77ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788717
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAGAmTCHAU%2FRod6iOc9bcuy4Qg7kbBR2fQyNYwB7Gow%2BhiY9hrjhRVzhUOuioFsrfH6NT5y4wnxhb61HkLlTujK01xPnymswJl9DTi6hez4XDrc6MWpgzwzaL%2BVdEGOWnz4L%2FPM6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750d8fbf75b8d-VIE
expires: Thu, 14 Sep 2023 06:00:16 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 60ms
59ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788894
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k76PQrWumPs4thTLOfvBrY8uhmoErXqz1Xjsn2z0Gm4XfTaCyWEwKbggfsXpmza6G8HyGE6NLa5LfpUaVkQRjAQIFph7o2eDjneWw83iui43nH1lgMHdKTUZiPHb8jnY0b8CDguU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750d93c1a5b8d-VIE
expires: Thu, 14 Sep 2023 05:57:19 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 495ms
44ms Image
image/png 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.39 Charleston, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-39.bunnyinfra.net
Software: BunnyCDN-DE1-1082 / ASP.NET
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 6e920332f49e09b56e1fba10777df534
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 65ms
64ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788894
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95YNks8RArJ5cbPGAcM4BRFP7VPrjj4WB3ORknVFsuhTTyBRsCwtZaNVEdm1phjqPqZznJxb93BlojMYU4ycYGNIlWytgmy2seCh%2BQJn7o4a2cFPPuFgrq3KEH%2FnLPM9TyqVdJxF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750d93c1b5b8d-VIE
expires: Thu, 14 Sep 2023 05:57:19 GMT

GET
H2 200 Primary Request file.php Show response
www.file-upload.in/ 23 KB
7 KB 641ms
183ms Document
text/html 104.21.51.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.51.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248e2bccf0cffd34d8695da18aa4981ceb6d896074ad398635df84fa18e2e427

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80d750dc0fb15c50-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 22:52:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgKqmnV4UMVzZYimQUPqTxPt1bIwsLKDjOiv3joOY%2FQFxD56CKT1g0BUwVvZUlsw8rY4WxWXZG1ESybMTkk6fTNLrMIDfyi1MhJI7N1y%2BE5yj60A5F272iBPZ7Yvnf5FyL2Deoc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 83ms
82ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788894
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzmsU8JpuQHemyERlfk9HU0cWqXxaCSbcoc4BdqsOK31cczglQOs8GVEAHSysHgGnT5AgFk7mDXvEWsQiI5055%2FedoXP6r1JJZkKW9adOU7KfQnKhNgadIOs2wFMzCDxXt3BEZoQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750d96c325b8d-VIE
expires: Thu, 14 Sep 2023 05:57:19 GMT

GET
H2 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 139ms
139ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1453
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukhQs7uH7fFYSDMRkJ7%2BU93EkbhBdEnecTZ9LtBSf597hhzFyF1qQVdRlaq3xCwllAYM0H2W3h3WABVaim787rKzPCs6jENZleuIyu28u7n%2FgBfhV1rFF%2BgDXzieDtBPy8lVzV5p"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80d750d96c335b8d-VIE
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 181ms
181ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 457
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCEJGYM5WyMHI6iIilTrRvmt44FK1pDTZXKwiOI%2FJqJuUYo4QyQKCrt3xe3R%2BjdXQU00maxwaFs1h4ml1FB2xnU0ceCpUIRti0GwkqpdqKFmGAu5tO2jeDFR88vlOSrcgEv8%2B8Gl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80d750d96c345b8d-VIE
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H2 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 181ms
181ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:13 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 457
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ex6Q9xf%2BDFNOfV4s55XAdpwFcvUSj1uKdX3lFTpaWsIXXQJJqkVzW89CS3vttuJAOesc0Ync2CjeMHNSd9s85QaEI%2BGc8ChtywEYFo6cUn%2FkbYNC7m1sC2p7qqtW1uf5YwGCKpeH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80d750d96c365b8d-VIE
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 560ms
154ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a864d4e17be5b74694a3f2e7309cca57670db18a9e4f7b1cb7b948807b9167

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01HAAPFKXS6C0TWVX10X7HF12W
date: Wed, 27 Sep 2023 22:52:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 370
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6eaa5f6c66d357f2e362fb93e5e9eaf5-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 80d750dfa93b2373-ZRH
link: <https://live.demand.supply/impl.v17.15.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 blockadblock.js Show response
www.file-upload.in/ 7 KB
2 KB 48ms
46ms Script
application/javascript 104.21.51.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/blockadblock.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.51.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2160282
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jul 2023 11:59:30 GMT
server: cloudflare
etag: W/"64afe722-1c1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dH7m2sg%2BXQ5hV7eKcQMdCcpAqqanfWx4%2F%2FG6Nt8S1avRGce%2BiD41EpJ%2Fm45Ud1gsTgMFJpqfSkVpZXTvoKRF%2FLnmJzHTM2jWFVVsnGBSAD%2BYXiheJ5S5NiXFKSP%2FXDjxXjqwTFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80d750dd28605c50-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 623ms
164ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1075a4cb5925a5362bc75ee3d0c3076529d2c487af387f69d24063d6d1cd4386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68989
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 22:08:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Sep 2023 22:52:15 GMT

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 82ms
81ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788719
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv3bWTg%2FZ1mDKB7hGP9QRYHdUJ%2Bxmb6YSM0BN9Nhus8zz01%2B7PolkVO1kB2%2Fkr3RI273TVWiRPfYTH5%2BH5Pt7N22d8VHvFEmFZ671wW6upxxl1J%2BV5w854m42GbtXutecNHyCANN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 80d750dd3e6d5b8d-VIE
expires: Fri, 08 Sep 2023 06:00:15 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 741ms
300ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

5a4d307fe75c54e535a5edcfd0a2d36758cd634b46b6f13cabf0ec0703e18b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 22:52:15 GMT
content-md5: NggRvjEFNEdow3fDHk6JGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86666
x-fb-debug: MAehGygdIXLPgo06VqLBv8GUoE1vOwF8hCwU2MS901MVeAWMdZooWRi8MLgGFVmkIQ+hKmtb2saBJRTTI0Ygmg==
x-fb-content-md5: 3a7dd6e7cd3a7a03568ef977e31587d8
cross-origin-opener-policy: same-origin-allow-popups
etag: "c526a2dd9a563e084270f1d37821cda9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:12:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 440ms
30ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

74b11b359d9819e440da4e204e0449ddfa77831084e1979ed9ddf4f87b441e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 22:52:14 GMT
content-md5: jhiOR2iC1efG8/rOxzoAkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: HT+dfal8fQalfyRSksiBDkwBR9hJ02dkp4bwwfdILHdZ0JoPk+odVemI2n6NC3CFpIWEWUulkW8TDdOINcP6TA==
x-fb-content-md5: 247fbce53cf234435fe3199832b9a77a
cross-origin-opener-policy: same-origin-allow-popups
etag: "9fe1b0358e3e6d9d81c723bdefa69c70"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 27 Sep 2023 22:55:23 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 543ms
84ms Script
text/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 21:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3637
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 27 Sep 2023 23:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 135ms
135ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BR5f3tGfpBPXnRQAf5yz4rzt9UYx0a8tPETkavi0e3iCZTZGVNInY5MVHj9JnMaYxKxfSBE%2F04r6Z9iS7DUPkPTxbR8zohO6bZCu4DwUGApS6DxypbQbjYIePybabUlSFoPhW2c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 80d750dd3e6e5b8d-VIE
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
3 KB 81ms
79ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788718
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1uBbhtzLKpbVw97XREg%2F3a%2Fpx5iUuPdanOEIkNU9%2FDTp745u5kPSPyIs%2Fc5YESv6xzh%2Bl%2BU7eY1hk7Nmiy6z8z69xLp48%2Bb1FuOIchmxzDGESke5EvxzbhKIhjX8OUV1oUs7g3G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e0282e5b8d-VIE
expires: Thu, 14 Sep 2023 06:00:16 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 45ms
45ms Script
application/javascript 104.21.51.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.51.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6511af19-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAnnfqHC0UYXX5OYbzgU8nWKscBLOWOYoKe%2BTt2GPOkIPP78Qsm9B3vienFnheBBj032YVHJNMFmBUQCuqHJ3J7NtxDBZzb11V5EMZif1VsXU2Mul39lOZaHTFfUcuPt9OX2nDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80d750dfeaa35c50-FRA
expires: Fri, 29 Sep 2023 22:52:14 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 544ms
83ms Script
text/javascript 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 20:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 20:17:30 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 82ms
79ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788718
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7eKnsfdJmMSRRz%2BUkznKR3R8OUPyljMIOMKmL%2BE9rt6fAhpgjo8fuY2e8G%2F6VSuvRyXJzWzFMDr2hZqk4unzmToA21b0mufyBci7o0Sv%2Bnpb9WLcIpI5eLplffRocOjvzCEi40T"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e028305b8d-VIE
expires: Thu, 14 Sep 2023 06:00:16 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
963 B 80ms
78ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788895
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8TngQuOcrOas2qhtlZoKn3lYA9uOCd0zbVQwJZDrSI3KHhM4WmKcrmy9DKiODSAGiGZwgE5KvNfodfBps4GmS5YqG%2BBsV%2BnkPBlthzOnn7VI6XRgLvLECd8TH4LQNC%2BPkObJU1y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e028315b8d-VIE
expires: Thu, 14 Sep 2023 05:57:19 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 56ms
54ms Image
image/png 169.150.247.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.39 Charleston, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-39.bunnyinfra.net
Software: BunnyCDN-DE1-1082 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 84058c8cf216b1cc017e8af173fba7f8
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 65ms
63ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/file.php?get=rjgdqhjt7oy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788895
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8viGSkhXQALM%2FuysX5eudcl5GpyCF2ue6%2BmqVqxv4Tf%2FMEQS6PqnT5q%2Fw6%2F0K%2FAAdKHyHdeSpMLrWLL0q4zIV7KDYJf%2BYrmivunkAZWSlYgWUkadhj3ZW4Kd6hg6OptC3R83Pw4s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e028325b8d-VIE
expires: Thu, 14 Sep 2023 05:57:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 486ms
47ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f7c466436f9de11adeced80bced54585

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

4cdf22d79129282f0017ae09079ce3d6f19a53a7e88f4bb264b755e5de37f6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.file-upload.in/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 22:52:15 GMT
content-md5: I7hhZyCMn07JxGOsOY/6uQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86666
x-fb-debug: 11y2J55Eo7aKFDAkEVhMlDZJnyNssLx1YaGjyVgKisAIXvOM7VDjNzHwWQgeGUxzJG9y6DsOWBGTo1OsmeXSNg==
x-fb-content-md5: 09cffc1674b367bf2b637ee0a9760451
cross-origin-opener-policy: same-origin-allow-popups
etag: "f5be18ef61d0c4caa5a3af84c223ea90"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 26 Sep 2024 22:30:29 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 102ms
102ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1788895
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo1wYzW%2BRWUmOWDibhwv1vvbnrps2WvZjH6Kv1g6wiHqmfLgvmguxqPov3vsTUy%2FXSFBQDSlGVDsu5Knrz8y4TPYHQdybcxDCQJu%2BD5s7rXzzDj23NxjSahH7kVI%2BrSJz0SL0CcY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e088575b8d-VIE
expires: Thu, 14 Sep 2023 05:57:19 GMT

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET
H2 200 impl.v17.15.0.js Show response
live.demand.supply/ 82 KB
27 KB 65ms
64ms Script
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.15.0.js
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01HAANKZ94E4GT7BEZGRJJD566
date: Wed, 27 Sep 2023 22:52:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 1132130
cf-polished: origSize=84620
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c4c243e9ca1d0f0ac14511caf420b080-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80d750e0bb442373-ZRH

GET
H2 200 d3d3LmZpbGUtdXBsb2FkLmluLw== Show response
live.demand.supply/p4/v17-10-0/ 2 KB
881 B 102ms
101ms Script
text/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LmZpbGUtdXBsb2FkLmluLw==
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09035a19835d1af2033f0b7e4ef852c4a588f2fc2d66b66edf9cf60105938cef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:14 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80d750e0bb472373-ZRH
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
498 B 710ms
296ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=561&cs=c&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e489182373-ZRH

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
29 KB 671ms
251ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

13bcaed5b90d32eed7139ac90fefff84ab736d4035ae9a845a3bf043b42b045c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29618
x-xss-protection: 0
server: cafe
etag: 390 / 19627 / 31078130 / config-hash: 824152568091751125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 22:52:15 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
523 B 709ms
296ms XHR
text/html 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQF0XRA6NF4BQ45H74CZGX
date: Wed, 27 Sep 2023 22:52:15 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 787433
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80d750e4891b2373-ZRH
alt-svc: h3=":443"; ma=86400

GET
H2 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
284 B 837ms
527ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d750e4891c2373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
287 B 837ms
527ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d750e4891d2373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 file-upload.in_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
322 B 831ms
526ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2f42f7788041968ac0aeaf63dba36d5ef022bf9a9314ea195abd0d0eec8505

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d750e4891a2373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
268 B 234ms
233ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQEPMFGRRX2JS85ZQXFHZT
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e4f9982373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
244 B 218ms
217ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQEPMFGRRX2JS85ZQXFHZT
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e4f99b2373-ZRH

GET
H2 200 file-upload.in_fluid_all_fluidallshapes Show response
live.demand.supply/cp/ 31 B
288 B 403ms
403ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_all_fluidallshapes?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc534450e8fceb2562aa45eeeb10aaa96ead2e1163692d47057caa60a223fb27

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d750e4f99c2373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 31

GET
H2 200 file-upload.in_fluid_sq_fluidsquare Show response
live.demand.supply/cp/ 30 B
308 B 404ms
403ms XHR
text/plain 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/file-upload.in_fluid_sq_fluidsquare?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80d750e4f99d2373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 220ms
219ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471241
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqXHlwvWJsZOefNhWu4cbb%2BsdRwA%2F7Wh5xwuWV8ZxLWU5C1BnIHxB6cp0SAke4JqKD5RlOWPkbo4dsMuHsU1QvxGJnUnnOklYpHLc8WnHEYcsoGYHIiVevqNG1O1ItfDonRX5qQZ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e51ac40e5d-MXP

GET
H2 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 310ms
309ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471241
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrKSBlzVmEQ%2FTbWsYHFEv2oeJdv2Z5JDN%2BLeiblyCI4KOLATiER4j%2BT6Qp4SpSNlANHJ0Ly1CC8XiuqOrX9TH%2B7FPvt1X9zlENZlEkvJCWDwa%2FaCGWuFHVB8D8hheoyTs6L9a1vV"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e51ac50e5d-MXP

GET
H2 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 242ms
241ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2471241
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewMoRW0meIUr6t5xLcEbzXFEW6o%2BLMfSWU5ED2jI4W0s2ZDzdu0pIy%2FfUtTV7FLJptCwPyX77J2RFvLhH5V4u6Y1jquUXzGHqyVN1%2BN5t1h420%2F5Qt6Y7hyc6jroYnegEv4%2FQgEM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 80d750e51ac60e5d-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 171ms
170ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

810f499c3bf20b6a1da6846970c265b477f2a079179da96387a5fd6303aeae44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Sep 2023 22:52:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 494ms
38ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 21:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3752
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 27 Sep 2023 23:49:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 409 KB
129 KB 276ms
276ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28518
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132106
x-xss-protection: 0
server: cafe
etag: 17184539905708832606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 26 Sep 2024 14:56:57 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
454 B 175ms
174ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15898724198341369&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e6ecf12373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
241 B 183ms
183ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQEPMFGRRX2JS85ZQXFHZT
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e1e2373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 195ms
195ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15898724198341369&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e212373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
269 B 194ms
194ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQEPMFGRRX2JS85ZQXFHZT
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e232373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
240 B 194ms
194ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_728x90_sticky_display_bottom&pdc=0.10599149465560914&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e252373-ZRH

GET
H2 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 168ms
167ms Stylesheet
text/css 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H95R0W3H9SMVPKTQMTQBKKQX
date: Wed, 27 Sep 2023 22:52:15 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1219672
etag: W/"ca59855b4714df36e4972d3d4157366d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 80d750e6ecf32373-ZRH
alt-svc: h3=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
243 B 189ms
188ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_all_fluidallshapes&pdc=0.024594351649284363&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e262373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
245 B 190ms
190ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_fluid_sq_fluidsquare&pdc=0.15898724198341369&ucv=null&e=tcp&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e282373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
243 B 190ms
190ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=file-upload.in_fluid_sq_fluidsquare&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQEPMFGRRX2JS85ZQXFHZT
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e77e2b2373-ZRH

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 456ms
47ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je39p0&_p=326781879&cid=1222344937.1695855136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1695855135&sct=1&seg=0&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
268 B 57ms
56ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:15 GMT
cf-cache-status: HIT
age: 787433
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750e7eed82373-ZRH

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 553ms
83ms Script
text/javascript 18.66.127.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Wed, 27 Sep 2023 05:20:17 GMT
Via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 63738
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 0e--u1QZN2zwVe7lZqzrKN9ElxT9QwSMKsRvxaW3Vw33JLJvXmEIWQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 584ms
115ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Sep 2023 22:52:16 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 176ms
69ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:29:16 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 69781
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: _LbCAH8az2Nr_azZ6vxOptMpXoQ0HcJ21SsADZwSB_S_KNfwmQahfQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
32 KB 510ms
65ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f49c5c4285d33d4367cd4e943aafd74cb2a8faba78eebcdec26c95322bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Sep 2023 09:24:45 GMT
server: cloudflare
x-amz-request-id: R72RF46G68KEFR5C
age: 2664
etag: W/"dad32e558756cf2e52e60155a9d39f6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80d750eb7f3d0e2b-MXP
x-amz-id-2: zRPdks1R/YizwbpsvT1CitlBayoEZFHMf9Qls3c4p9HiiekFpNsUugHcoIKdQkc7nLv96ZEx2lo=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 541ms
91ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17228
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F761VK7EUM21B4rXWERv6ON6tvLAQydxhnt8U%2BhBXHP%2Bi4h1DVFfhBeOJ4bSaU1KZSPLdvEfS7oaDLLytLCqh%2BQjlw5L1vZTnZrZcWpn9RRy%2Fd3wg7VpsLZriQGhAat5gIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80d750eb782c23f7-ZRH

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 142ms
51ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 48c0fd44fa3ae5723e0987bc188330a6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
1 KB 318ms
318ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=2640673839986232&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cd0c94ace-e46e-49b4-ad33-00ec0766b4be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695855136012&lmt=1695847936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGIia38atMUgAUgIIZBIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26interstitials-bid%3D5%26bid-p%3Dgoogle%26bsc%3D91&adks=79733870&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

af2c49b9c1446b4bef9de10f4d1032a22b2080b0c96d62a5044cd59e30404a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 696
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
17 KB 320ms
320ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=2538838511663082&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cbcf1b191-0990-4fe0-90e5-a2e0b1483964&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695855136021&lmt=1695847936&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGIia38atMUgAUgIIZBIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26chrand%3Dy%26pof%3D0%26bid%3D0.06%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D91&adks=2708986379&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f2b5d028c07a8858c6761f3e74296310738dcb0ce8d8abff3a1cbea2d41deb35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17110
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
17 KB 417ms
416ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=3395553780645066&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695855136027&lmt=1695847936&adxs=245&adys=231&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGIia38atMUgAUgIIZBIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D91&adks=2365977148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

7c65dc284d235dab1b5b4a5f8290d2611c2aefc201c966504cc043e91e22194c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
14 KB 346ms
345ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=923240476524404&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695855136030&lmt=1695847936&adxs=245&adys=611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGIia38atMUgAUgIIZBIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D91&adks=554408032&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

fef24e084eb94af90d76c5fd7cf16d1f9b3c6f469ddc2f182e1759fba0aad407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13909
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 148 KB
45 KB 390ms
389ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=4321055466119102&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cb6d4a9d1-0710-4eee-90c9-3acb530eed97&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695855136032&lmt=1695847936&adxs=245&adys=1730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x296&msz=1110x296&fws=0&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGIia38atMUgAUgIIZBIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26bsc%3D91&adks=1354342239&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

db5f2f0c8ffb7c264b6a0cb85b01c6779ab4fba795cd8a0d10285b145c946338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46358
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 353ms
352ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=1260047586338401&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C106a5b58-c28a-4673-ba5f-7a79f3bf433e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C550x600%7C480x320%7C160x600%7C300x250%7C300x600%7C320x480&fluid=height&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695855136036&lmt=1695847936&adxs=245&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=1110x616&msz=1110x616&fws=0&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGIia38atMUgAUgIIZBIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D91&adks=598638533&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

19b68ea8aaa2603358d262a1c417465686716857cc5f8d6800c902b31d7e80fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13221
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 27E1 6 KB
3 KB 594ms
118ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 22:52:16 GMT
expires: Thu, 26 Sep 2024 22:52:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 38 KB
13 KB 52ms
51ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl_page_level_ads.js?cb=31078130

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2cd3f05decb1d9c26bd68a2cd2d13b1584eebbb92f78c15adbc894d02c6d4307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22320
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13631
x-xss-protection: 0
server: cafe
etag: 18158545400869290159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 26 Sep 2024 16:40:16 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 46ms
45ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=326781879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file-upload.in%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1890000377&gjid=1482401956&cid=1222344937.1695855136&tid=UA-119779859-1&_gid=1883015737.1695855136&_r=1&gtm=457e39p0&jsscut=1&z=888455540

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
617 B 359ms
144ms XHR
application/json 54.77.82.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0be981521e808229828fd10dd3a8eef3e3d94dea380f9cfbf6d07334dccdfe5e

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache
x-server: 10.45.3.136
access-control-allow-credentials: true
content-length: 156
expires: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
477 B 97ms
96ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750eaebcf2373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
245 B 102ms
100ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750eb2c362373-ZRH

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 904 B
779 B 109ms
108ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=2726466113119401&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2C35c3e781-1e45-4079-92a7-84ee84a2671a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D858c2d1cd46cee57%3AT%3D1695855136%3ART%3D1695855136%3AS%3DALNI_MZssNP2J_cJCi-ZEvQ3oyWQqwwPJQ&gpic=UID%3D00000c87e2cbcc98%3AT%3D1695855136%3ART%3D1695855136%3AS%3DALNI_MaZ63YTRklHdKimXisigcGGne9ETA&abxe=1&dt=1695855136439&lmt=1695847936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGOqb38atMUgAUgIIahIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D91&adks=3111070440&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

66227c832281a82a239eddbd5a5edfbaa80bb0502fed88cc9c15e28546bd0a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 4CCC 223 KB
62 KB 653ms
182ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 4CCC 15 KB
5 KB 1040ms
569ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 4CCC 94 KB
28 KB 1015ms
544ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 4CCC 5 KB
2 KB 1038ms
568ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 4CCC 40 KB
13 KB 1092ms
622ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4CCC 14 KB
2 KB 593ms
126ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 21:59:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 22:52:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CCC 2 KB
3 KB 644ms
179ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 77088
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 28 Sep 2023 01:27:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CCC 295 B
353 B 622ms
159ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27058
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 28 Sep 2023 15:21:19 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
243 B 54ms
54ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.06&b=2&r=file-upload.in_auto_728x90_sticky_display_bottom&sy=f3f590da-fb39-43ac-b392-436420cb4f8c&ts=91&cd=2&pud=561&pus=c&pue=1207&pid=96&pis=c&pie=1304&ppd=103&pps=a&ppe=1311&pcl=1756&ttc=1317&tti=2893&ttif=0&lca=1311&lcak=ppe&lct=1311&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750eb3c532373-ZRH

GET
DATA 200
OK truncated
/ Frame 4CCC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ff596e28b0ec6c2719f3c39633b967ca20d661f2c75959f903f39d0b7b63d6f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 100D 223 KB
61 KB 721ms
282ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 100D 15 KB
5 KB 499ms
494ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 100D 94 KB
28 KB 501ms
496ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 100D 5 KB
2 KB 528ms
523ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 100D 40 KB
13 KB 528ms
524ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 100D 2 KB
3 KB 616ms
181ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 77088
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 28 Sep 2023 01:27:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 100D 295 B
353 B 595ms
160ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27058
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 28 Sep 2023 15:21:19 GMT

GET
DATA 200
OK truncated
/ Frame 100D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0da03f3d8712ab3617c63802b18f25906fdf2ff72849eb774153714514347e0f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 18008447432478789687
tpc.googlesyndication.com/simgad/ Frame 100D 103 KB
103 KB 615ms
204ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18008447432478789687?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnpU8T35U29t6MFkNcOOqXWvn0U-w

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

03582a6df025a7e7d3bba224becc0833131216206f50b9f6d9cce0f6dd775f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 22:05:35 GMT
x-content-type-options: nosniff
age: 175602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105254
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 14:25:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Sep 2024 22:05:35 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
246 B 43ms
42ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=f3f590da-fb39-43ac-b392-436420cb4f8c&ts=91&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750eb6c8d2373-ZRH

GET
H2 200 container.html Show response
264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17F9 6 KB
3 KB 157ms
123ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 22:52:16 GMT
expires: Thu, 26 Sep 2024 22:52:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 38ms
38ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=file-upload.in_fluid_all_fluidallshapes&sy=f3f590da-fb39-43ac-b392-436420cb4f8c&ts=91&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750eb7ca02373-ZRH

GET
H2 200 container.html Show response
264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 87BC 6 KB
3 KB 132ms
123ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 22:52:16 GMT
expires: Thu, 26 Sep 2024 22:52:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
245 B 62ms
61ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=f3f590da-fb39-43ac-b392-436420cb4f8c&ts=91&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750eb9cc42373-ZRH

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame F515 223 KB
61 KB 755ms
374ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame F515 15 KB
5 KB 536ms
531ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame F515 94 KB
28 KB 537ms
532ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame F515 5 KB
2 KB 542ms
538ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame F515 40 KB
13 KB 547ms
543ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 193279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F515 4 KB
728 B 539ms
163ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 21:57:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 22:52:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F515 2 KB
3 KB 541ms
165ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 77088
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 28 Sep 2023 01:27:29 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F515 295 B
424 B 523ms
157ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 27058
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 28 Sep 2023 15:21:19 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 71ms
71ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.14&b=1&r=file-upload.in_fluid_sq_fluidsquare&sy=f3f590da-fb39-43ac-b392-436420cb4f8c&ts=91&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.file-upload.in&mlre=www.file-upload.org&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54&e=lm&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750ebdd152373-ZRH

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4352891337474903323/ Frame F515 62 KB
62 KB 549ms
183ms Image
image/jpeg 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4352891337474903323/14763004658117789537?w=600&h=314

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

5a4c0724686b69371e770feac7509aa929a9873136e4f8c8042fb774570d447e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 22:05:34 GMT
x-content-type-options: nosniff
age: 175603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63219
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 16:11:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Sep 2024 22:05:34 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2479662266238816222/ Frame F515 1 KB
1 KB 544ms
178ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2479662266238816222/14763004658117789537?w=100&h=100

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

ca34cacc5c35eb51c708e9b8836b18ce066af1c0a68c3f6c2de93a2886957689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 22:04:08 GMT
x-content-type-options: nosniff
age: 175689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 16:11:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Sep 2024 22:04:08 GMT

GET
DATA 200
OK truncated
/ Frame F515 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6ba11b150dbd837d55dc1a48e8166542d30a8d241d81e61814f612367fdee4a

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 78ms
78ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750ec0d5c2373-ZRH

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
244 B 76ms
75ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750ec0d5f2373-ZRH

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 904 B
551 B 72ms
72ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4108177984119804&correlator=3304044927771701&eid=31078130%2C31077696&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=44890869%3A22720847994%2Cca-pub-3831894559014614-tag%2Cc80319cf-2567-4473-aa70-ede725041f47&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D3319c6334f9fdf40%3AT%3D1695855136%3ART%3D1695855136%3AS%3DALNI_MZ6Lew3pffV5eAM4cQUqCTpceiArQ&gpic=UID%3D00000c87e2f279b8%3AT%3D1695855136%3ART%3D1695855136%3AS%3DALNI_MYCOKoJnyp8MUTRR1Cq8EDSnIJsKQ&abxe=1&dt=1695855136613&lmt=1695847936&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file-upload.in%2F&ref=https%3A%2F%2Fwww.file-upload.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1222344937.1695855136&ga_sid=1695855136&ga_hid=326781879&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYiJrfxq0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiImt_GrTFIAFICCGQSGQoKcHViY2lkLm9yZxiImt_GrTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YiJrfxq0xSABSAghkEhcKCHJ0YmhvdXNlGOqb38atMUgAUgIIahIZCgp1aWRhcGkuY29tGIia38atMUgAUgIIZA..&dlt=1695855134250&idt=1707&prev_scp=ti%3D8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D91&adks=3607019325&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f5377180e65619efdc1da7547144ffad4b6ce58d9c4f5c9ac624b9186766acf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 475
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.file-upload.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 159ms
35ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.file-upload.in/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.file-upload.in
date: Wed, 27 Sep 2023 22:52:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 22D0 15 KB
6 KB 1139ms
312ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 22:52:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 334288
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
246 B 33ms
32ms XHR
application/javascript 104.16.133.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=file-upload.in_auto_interstitial_desktop&e=nai&dsReferer=ZmlsZS11cGxvYWQuaW4v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.133.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01H9TQENNC7822TRJXWD82AZ94
date: Wed, 27 Sep 2023 22:52:16 GMT
cf-cache-status: HIT
age: 787434
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0189f0f87e454fe50787f97993385017-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80d750ec5ddb2373-ZRH

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 78CF 478 B
531 B 968ms
110ms Document
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCx8IABGNy82eIBMAE&v=APEucNVn3V90_ueEKQbXoJhhQ5JsODH1dnN_cbplAvnLvJgPJIdIC_gZFvU69Gju1cN26tctukubYRMjoDjo0L5--Vna3dxAfA

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 22:52:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 17F9 89 KB
31 KB 1048ms
189ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 22:52:17 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17F9 42 B
110 B 1114ms
256ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dv1B2J61dWkSozaTdM5-A5jO4_IrkZRCD2eds4_LOeDdM5WxxIOU5QutnkXDW25ewxJ-fHjdg8Ugt1lrfxlf2bpiupMufZwVqUiiW-mmpSjldM_yk

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17F9 0
121 B 1112ms
254ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17790655462619903578&x=1&ct=76

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1380004/69892548/xbbe/creative/ Frame 17F9 258 KB
79 KB 363ms
173ms Script
application/javascript 54.76.72.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1380004/69892548/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbCcFkopQ0RX0ztZYi5rGn5c9V1MJGZ2BM_nZZ8Q2KlzYZ5jTfFATgmKnjOK3pDcNCInzW15vQmwodf7mv7kp4vLU0rJkS9VI3oJ4S2RcAoCZ_4MNeQDjZd2lbkrD9I28fO1hHoaoGIXnOlcOAaCDFQevy59i42yoRYaNYJ0iXf-h2l2IYPhI9S_Ao0-mN8ylhmIjARAmvAvxHOlhtONi3y54KDyMYL-zCkxcWr7RQ4i8X_kbZ-t4zgBKYv-yqu_0CQZ6CIXPvvXU_w3g_3wNcAMoGGNjjakhQLgZqnwI-sFcg7QKwdd6mqMpuOHfm1RtbBAx5lO9dWx0IRNa8tv1O3jMEtG4Rl7ccJq3Kozid1JnJBLHKsg8Kg3PXdF1qSl64H1-4oN5NGfzkagkqZxK7T0waOsKR5So7US-ti2qLwCz4W6zgPfyDM4rS9EGDtZZR7fnsML9HXWNNqo8eXj-wdJIeJ1TAlrD0Lcj2Ng-PZfEpAYki96HfAcYscvswxAiXGBnBlKfZcrDP1K_sA8eMDho-qjx4C5rMxo03CTbJF-o5RX5M_389l4BjMR257cPsW2IdpxAEeW_VoNV0nX-PQH04iXQ_N0NR83U8c5aL9igTOQWZFEfLpPB42SGxtFr9aRBsd6-ikWUBk1pcCxxoUEL0hdtifw2URpcKPfYjbVU55_UiCprYlzQdit8pJdcCW-Cqp8KRM8kCOcpGHFU__-fxl2Gp8Q2S6UXBMlH81ItarfqkcBnQYkv0zcFFVYgXpZuEYKr_h-eYIUBQVcGWnStqLp5lChcJAjuRU2N42Tssgu3-832pyJoQVuTLC8BU8qX36zUCRR6WwexIPjtC8Cb_703tD8-qS4ohTjGouYm8vG4oDxqIVLx_QjBOnvMTtlG8F31iRTb57KE6aGLJmluFQpCxpcoRfENNQqU8VBYrsFTjL5ZQn5qdZXc1xg230_yUmMFPhOpZdbSxEECqdsEDXyk7nOXilxhIKQu-CXuFSOsClnbceVESLTQnWeXATouG0uOrlgXDC7elgH-z0ZOKfE0XN4ygOr9TtI-Fn11v3vwGxgw4NvzsaW6uYsqduJJKWbD8f7V0leKC2UNiF9Nho5KgX6p7bgvWh9_qQPzS2xtlx5WMnHHQFqe6PypaQu55w3e3AQWVTcM5Xjzd-hrm900VnykMyRmT069MgkycYF5x6SigEIQRlWryjt5-D5qSKTlTN0iMB8r8oyCaVo-Vfx0eCCMdvGyWVty_YTknTe9R_p-3GF195WsOT1B9Xt27rP3Yr94TZstuE9vD5p5-xLJSUSb5uG96ZpD4KWO7InKS0ripufaeDqs-Nxpw4AT7ymHPlPYSedwonUyTKAaXBC-3dyl10OBFec73ppgfq5-BJfVSaahmmXSzsLzSOQ5h8duesCayYhnP81OoSROAfYiYUBQbhwYzfws_6cFkoECl1bh2WYRBX3wRdsxWcQnNdPoHUWB_vdsK8M6rg2R-QnzbXHzyaPxyFmZ4rclsI4BE8Z5DyRYg809cFzuGp8PG-oW1Fc0htt5-gc5-TX32TWntYzlIrwjKviggHIYlEICys6-GKgk-E60YXBEy3A3Bz-TzABWU1FaLibcNZKJ9DSqgGo5qnIVpAGXvtuguUZxO0cBiEHTp4jPsTpJyXwGWGHt8b2gD35QFDlQ_sW2fBRaiZ6CgBa8BKUKL2UrPW4ByExb7smwsuHTEcxHg_D6CO18T77rQHGAGNGC9wtN7Dqv4yOwLPFqXexV3FrrRST6MQyiP6kh01lFwKvLqe8DCrWlfi12pMoxGdTX9fdUCzAlPnWXV2hVLAnalhCk0CzihxcE5kibcWNkNDxgTFZDvh3E90513BIeCd5jLqXZICU6WEA6VqqWlk63fU0YtrraYwlJn8WH46IGCP4UneVwwtu4JD85WNp8PbtJFhE8yKQgm99OpmP3mckLcm56hRXX4bAl2JdpG7NQEMKyWoCy51n4VSuE2JeFgqA0vjLIZNjQWM6gwQYN7mT3BEG2vWoRUur8qVq9kfVlU6p5FgyN1-at-nDPvmqUAEpuWJgQUSQdFFBspsstSp7HyIY_Q5T5Y2-bEu0sAJ7hYC8Jz6b1GTQhW2M2Rg4DpyDTYpjYAWwYtuRXkzqeF0Vt8jHHLs-fbaoyvQ9NjCvG03TJXI37QVWn3wrVM5UHdnUJMHRNUapzgw1iThvdAJCKSnW2E4JVvdcIn2oYpuaFDOFI0-PgOX39rHmIb0rV5HdcR018ecIlhJ39-4-QnYtvI_fbracFiHjQvQIl6YaViQgxo-vqgvKv87R6vQ3OEGOMGz3EUudlU7vMuLP5e39o7q5CdcVxsbymJduNI0_EbAiYU1LHMipuhf2inqJc3K5VO1drsWVMh-CAZ3PG1-RKJc2vqEayKK7Ys8JLpwnmV-aXvEnNJTq29yyTh9_8BZn3mjLAfqXWTiQ-U1dLhFCl0KJKkOTj4RH-rkhDhIDmcV5ezCGhHsq9ZUhHFviM85vtWlWGoZ00lkwyUYGlyZLlEkkeASSoW7Dhj8dIDF98lKlP-XszgKUfDn0BWiJ2yAWsoiWXB_SkduIpuk6H_LqTy_yoAVDoTapmlJ9sFDMPHL7CevtiUvrCfIQpFMgdWjBAsoCb8Vv18mgcZYAEK-kkLCrnaoDnI2pXN84QeP0EEirzdNiajbjSFacwzz1pJv4uhbw_NKq7_lgX7QF3BolGn9bKXLIQKrLy4f3lvLH_aFayalxCZhxINQHKrCxvb8aj1kerNuntZoOH8dWuuyigRxC_ebAek9is8v8i-aQ5go7elxdAVXfGXmRnmMbrZvTzRVNOWk0etH0SYB7EaHy1KSTYOLU6wADUEK4T7oASYRiOg1s49sutM3Oyh-EW31lMQ7Cv12kmLPCNK1byuRTJ_URXD0Tdcz-qOdMJOPOErMFzS_hKnccHw9sKC5lvNa5kFptmaoYykov0apSczpwmw9hyIszXNfMYobF--0cy8PaMXuptD6sOzZmZAU-neTVWuekGXDkIZ9W-FPpZOJPVA37lrFIhepKJJb1LPgcwOaKdQonZftJDzy3dl5g8l8Zsqs9zp4PtYObUaybzMqsr3_0r11ziGEKh86eONDgWNdKTht8jXaiKw3d6-uCEw0dTgcpIiyKTNahRMdZFS3_B1cthwE_JpTjieb1DApxw-yYscl3hSWkZjasZJXxPuErUCfMIFRloOLk25G0egM26dDRJwN3hLbO4YYdztzXmfC1K5pJwEqvXWUzZrQ7cb59l5OVqr0lVTojF7yon-auwjOMuXlDKhVWI74mIW4cyiaTPb4ubTREReVUkICgG55onYe2HRzN5dUXzrS-3aZ-Qdfh4MOYo-F0jSzIXxRztthD5Y71nrvEOy26SlkTRLWOjs0SF5qH6E7jo48pvAPaZVsN21EAXghAgER7DnW15PGcngjR7x3OzEXsbsrXClzDjObjCKgsBASGOyyF7-mVnESXmuMlKUaI-IllrFwn2G8tB5cmJVbEbmGTozEe0oXdg2H3hzyDkCAc4O5wri4px6gTFrLgClSzovYCETDnowulyrqsvztGTHZ1PCJJHQhwG2H94x485UImWoO5eiobEN9XC-m_bv2e3l9DLbly8CazOFTJOFx28-CNL4cuzNieOLfdwbbYAHiEX2xBLla9sOVPKg9ZO2JgQyDr2dg-KgSYOILu_ZepPt0V10ZAEK-euB5ggvyY6GI3FQUwxHp_bNmqcs6A9R7v_pOCGlP2K94vFXdbI4PW781HZnmGOZJcK30NqvaQTut9sggLst6XVVArthxkG7FPngLsnzOEfOpSG0IwkXf2SdDgJSV6vdjGZgp010cnfbIwEUnVg0mAdV3Pi21mcS50385vp8lMHGZAlkdSzu2JRoxXgXRaF3JxMMjAGVJUaNeSmTEmPHp6Xjm9VF0I0n1D2B2EloXwOTaa-x0qJAggvvxzaHlBP4gBreYwAFjRDge9Vj1kHJn9Am_MYE7bERvnP_GrVivBsLlG8tzjZ3WU0888kVzw2ORuc8KtVAZZV9SAI_9OKZahR8tzt-X97qNgdG2Y8U9BdqPTAodnEcgOkzPRal1rJDNZLNaYllCUgpiH6GTZ-SM9H7-sbbS2JiS-gaUQgEEksAyAmmjSWxc7vQsXuwDDUOnlcVuLxV7rT_msKdiSIwgcywASy45NoUuF4zV9gyMWHVDCd-iLKYHMbgLSGHLIhKY_HfgHqZ4GliMFAYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1010763377&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19758437279&bidurl=https://www.file-upload.in/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jW7nSZpzE-2Wr1hAzfcJlY
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.72.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-72-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c277fb6c2467fddd89d0a5c8b8d5f08aea5cafef6c7e62df0d92142cc5d166ea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 17F9 3 KB
1 KB 343ms
104ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 16:09:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 17F9 20 KB
8 KB 334ms
95ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:55:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17F9 182 KB
58 KB 956ms
140ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 22:52:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 87BC 14 KB
1 KB 398ms
161ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 21:56:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Sep 2023 22:52:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 87BC 2 KB
945 B 332ms
102ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:55:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 87BC 23 KB
9 KB 336ms
109ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite_fy2021.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:55:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 87BC 3 KB
1 KB 334ms
106ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 16:09:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 87BC 20 KB
8 KB 325ms
98ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:55:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:55:46 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 87BC 225 B
330 B 506ms
280ms Image
image/png 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 12:26:03 GMT
x-content-type-options: nosniff
server: cafe
age: 37574
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Thu, 28 Sep 2023 12:26:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87BC 182 KB
57 KB 1088ms
284ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 22:52:17 GMT

GET
H2 200 c233ef7b00e27d1a3d2fdfcca9f8c94a.js Show response
www.gstatic.com/mysidia/ Frame 87BC 36 KB
15 KB 1046ms
146ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c233ef7b00e27d1a3d2fdfcca9f8c94a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15198
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 02:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 20:50:01 GMT

GET
H2 200 data=lT-gGvGHCtVuGGP7cikSmqEsWwG64O7_m4xThpJdaCZv5MoqL9DqRBiSAgLeDmS45cMXkh1sCGIdAz2V57iUF6eRAHv4vKwN5hEORJr0XDYdWals0QCLy0l-
mts0.google.com/vt/ Frame 87BC 124 KB
125 KB 1156ms
271ms Image
image/png 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=lT-gGvGHCtVuGGP7cikSmqEsWwG64O7_m4xThpJdaCZv5MoqL9DqRBiSAgLeDmS45cMXkh1sCGIdAz2V57iUF6eRAHv4vKwN5hEORJr0XDYdWals0QCLy0l-

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

7ee3913ae468128114dde43ed235d0ada52104df9670a8e2e92ecde5995ad108

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:17 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127115
x-xss-protection: 0
x-server-version-bin: CggIBBCQ4MmoBg==
server: scaffolding on HTTPServer2
etag: 0790c5bb2c2948d59
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 27 Sep 2023 23:52:17 GMT

GET
DATA 200
OK truncated
/ Frame 87BC 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 87BC 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4CCC 33 KB
33 KB 927ms
333ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 409696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 05:04:01 GMT

GET
DATA 200
OK truncated
/ Frame 87BC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0be9b2791485bf94bcab34ffe07480167cbb0d941a57dd40eaa328f60849066

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F515 16 KB
16 KB 806ms
260ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 418628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F515 15 KB
16 KB 794ms
248ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.file-upload.in
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 499525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 04:06:52 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4CCC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

67ms
67ms

Image
text/html

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 100D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

68ms
68ms

Image
text/html

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4CCC 0
0 195ms
195ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgjsdILIUZbWgCIHMgAeL3bCwAqD_gOVy9bTwyfkRodmQ2-cNEAEglZvKIWD1lc6B4ASgAevY3-4CyAEBqQJpHWSqaqGxPuACAKgDAcgDCqoExQJP0D6AZIiPFYVr5bcdbxcemgli3x-m-yr76d6H_LbiuG8Ns0snd2-heDWGA-e-VippB5fVHUjN_GCnOd-jDZlhq_oG_oSjJVvBWMiv3bAzZi8m3zo9x79teNZsp6IJN0bltV1rmoEi8yXEFQMwITogNp-ZNit3HV0gmcsUK40N7UoOhLGXnddxjPLOoBD6vBP3B8Ymf-M6SlX7-ara2YW01r2nSQ2G0GXnMH0arOfy-nUJUfb36adxdGO9-yDI8BU3J74qzQZ0B-1gYaOh3nQ8hDRyOUxq0aqyDkeE61sb7nsFTbKR8PrxfJ4nTtjbnGNspIydmqwzbGlWTCeT_GEMZKuVGnv8hivgn0G_BaYKBLOXYlUEqs6VIfP-qRu25TIYndh-3X6n1q6NZaDgzjQ2g1r5FbY8hu89WcefPeYo3XG0DiDhwASn7ZC_twTgBAGIBYr5ybpMgAf9pqCRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMu1GNIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgnPAWh0dHBzOi8vd3d3LmFyZ2V0YS5jb20vY2gtZGUvYXJnZXRhLWp1bmlvci8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jb250ZW50PXJlc3BvbnNpdmUmdXRtX2NhbXBhaWduPUFUTC1BcmdldGEtQXJnZXRhSnVuaW9yLUp1bmlvckNhbXBhaWduUTMtR0ROLWFyZ2V0YS1yZWFjaC1UT1AtR0VOLWRldS1DSC0wNDA5MjAyMy0xNTEwMjAyM4AKA8gLAdoMEAoKEOCm8qrFov6MChICAQPiDRMIq73q1_DLgQMVASbgCh2LLgwm2BMD0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=zuHEhrpC7H0&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNoSYJsqhkriQBmcC4S2794UWgbkWd2vDKS9OWj6z46aubtlO0R5p7m6nTTgpqhCkwYwqQutrQdUS5R2ppzWHjgzKIAQqe1iMYAQ&cbvp=2
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 100D 0
0 222ms
222ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4iRxILIUZZa3CNiOgAeIsb-wDqD_gOVyvbbwyfkRodmQ2-cNEAEglZvKIWD1lc6B4ASgAevY3-4CyAECqQJpHWSqaqGxPuACAKgDAcgDCKoEyQJP0CgpeJqMQOx9L3jCShVNB8pbM8J988B1_Bgofhwd-Fy54pvVW1MTvwDReMTU8zSqxrR6f-W76NnBloXTz6B9p5q570-wfPNmWlc9mhtOuSvzHMGOpJx89w1HwrQbSHfhKP2ggnz0-KUnYDN9V3lsp0Np_T7V6f2bIqoPyUj_P0XjF3UFDSj41jh7X-VtCNVklJB4312aRS9KUlMoT4jrBhEyIhFKSVEBEAYuExuHhjQ-6sNJc_YtxY4E4LJhDOTqGVaC3h_C1yKiXTH9kwoETOOh3o8l6dmcNKc_0C_P2KvsGKPiHrjAuNFfVNSW9s73lJyKqXrfq6vz_Ok3YsMfGxFlyq28GrXmS0kqRjTchmOMhmhUrYGbFW79A8_IsQxincEGlFxkPQacUAfKXjQ7Z3FjNMuNRNguli6Lkys38t7GUiFWHxYf_MAEp-2Qv7cE4AQBiAWK-cm6TKAGAoAH_aagkQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDegynSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJzwFodHRwczovL3d3dy5hcmdldGEuY29tL2NoLWRlL2FyZ2V0YS1qdW5pb3IvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY29udGVudD1yZXNwb25zaXZlJnV0bV9jYW1wYWlnbj1BVEwtQXJnZXRhLUFyZ2V0YUp1bmlvci1KdW5pb3JDYW1wYWlnblEzLUdETi1hcmdldGEtcmVhY2gtVE9QLUdFTi1kZXUtQ0gtMDQwOTIwMjMtMTUxMDIwMjOACgPICwHaDBAKChDg0fTXt4etj2gSAgED4g0TCMfY6tfwy4EDFVgH4AodiNgP5tgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=6lR0FrI6zCc&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNIWTFIsWe5L1z76smVJMEhGfCJ50qBetaiw0LOqwY3z-fFpBZOyeudCjWqHdwbmgqDBpiMW9sY8uyVaQ23c_h0S8xdj2tkRgB&cbvp=2
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F515 0
0 207ms
206ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNni7ILIUZaarCNazgAeJz6OwBKD_gOVy9bTwyfkRodmQ2-cNEAEglZvKIWD1lc6B4ASgAevY3-4CyAEJqQJpHWSqaqGxPuACAKgDAcgDCqoExwJP0Jy-uoUukxE71jlfE81nNF11l1UZowCvSN81WNi7S42iVOY-EQRq2RxcBEGu_9ayzC2gI7Wjisi8SV44tjOrnB6W-gHX2vm_xkK2AdfWd53Tc7qg7v9WSE0kRQuuK0j8ntpA3de30uBZJidDgXJU74Uo50RYuzQskbc0iKGy9ShY4TWFpTRs6E4jWMvcPNhyUPyyGSvtpefJFl_HdzxE43LNfksm51tJKkZAqRhvYWFs7jNWmbupWQIyKMZpeSQ5AVRqckRydkhtXgRhMlHglferLP89owWroNLjPjFAN7SDGf2J4k7vs5oRS_fqNLDqK5WZZE6f6p4P554iZNNqMsAddNK1_V7ds9vkgdg95Mr-WkCipkvn6ZrF-ajSs-QEb2D_DqiH1EdWMCu50kwRKtk5APxvFKmsGKMTPZ7rpSe9qm_4QovABKftkL-3BOAEAYgFivnJukygBi6AB_2moJEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8owm0ggUCIBhEAEYHTICigI6AoBASL39wTqaCc8BaHR0cHM6Ly93d3cuYXJnZXRhLmNvbS9jaC1kZS9hcmdldGEtanVuaW9yLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NvbnRlbnQ9cmVzcG9uc2l2ZSZ1dG1fY2FtcGFpZ249QVRMLUFyZ2V0YS1BcmdldGFKdW5pb3ItSnVuaW9yQ2FtcGFpZ25RMy1HRE4tYXJnZXRhLXJlYWNoLVRPUC1HRU4tZGV1LUNILTA0MDkyMDIzLTE1MTAyMDIzgAoDyAsB2gwRCgsQwI_Fwcn0t4uYARICAQPiDRMIvMnq1_DLgQMV1hngCh2J5whGuBPkA9gTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=DC5BDYjdiBU&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNdgAZbrbjteyRDqDKrU__cX3x-tnRzz-D_7I4bU2fOr39WUZvZSisa-OFjQ1cFNeSsSu-W8oLJvTqDGxvXT5A7xQAHXBzWxgB&template_id=484&cbvp=2
Requested by: Host: www.file-upload.in
URL: https://www.file-upload.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 78CF 170 B
409 B 481ms
90ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCx8IABGNy82eIBMAE&v=APEucNVn3V90_ueEKQbXoJhhQ5JsODH1dnN_cbplAvnLvJgPJIdIC_gZFvU69Gju1cN26tctukubYRMjoDjo0L5--Vna3dxAfA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 78CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1

43 B
342 B

82ms
81ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCx8IABGNy82eIBMAE&v=APEucNVn3V90_ueEKQbXoJhhQ5JsODH1dnN_cbplAvnLvJgPJIdIC_gZFvU69Gju1cN26tctukubYRMjoDjo0L5--Vna3dxAfA
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5NM%2B9IxGS%2FPQQ8OSrEIRdjpz5GjYJL9DO40mBgzV4pZkrIXE6BzhB3GZrHngj0lxUYnxPLBtTBlYi6jFnrRtMvMCU6wTgE0wmidSSndFyHJOV%2F%2F8lf5aqxTfJbWoJlXk0PBXof7qba%2B5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d750f608c2233d-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 78CF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRSyIncneGg1-GKRYCVOLgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1

43 B
331 B

67ms
66ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBCx8IABGNy82eIBMAE&v=APEucNVn3V90_ueEKQbXoJhhQ5JsODH1dnN_cbplAvnLvJgPJIdIC_gZFvU69Gju1cN26tctukubYRMjoDjo0L5--Vna3dxAfA
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeRz%2F65a6aYTYCIJkgn0CP0lhDnBY3wv0WhJ5SmaM%2BXsoeIFtg7eiyUD2zfVdRGHJoj1aB13EikV9NdlLZGomPExVKNZjwJK%2B3TOT%2FVmiv%2BoEcFvDSKYKdiejuplvQrbdZt5wXyHQWWV%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80d750f6b9f5233d-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM3i_9-xN8DP-B1ZWk2MI8M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17F9 0
56 B 249ms
247ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5704674008803&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17F9 0
56 B 228ms
225ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5704674008803&version=m202309120101&ct=76&x=1&cor=17790655462619904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 17F9 16 KB
12 KB 208ms
207ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6iFhfKjB-bh0KUa55o1LL_EZ9c4lqoMPmvkGtG76SrE_odfk-mrULexFJ6gfaZc5cK_7fUDishLoOEgMF3Gu-wEkB3Ybyb0KdghxEWHCxmW7i2vGBT2uTeMTH6z1pv-s-snGKMN9ribK0m-rbXzyb1PzCbdnb_lAKiLY_MFE4dF5y89g&cry=1&dbm_d=AKAmf-Dmb2xuznlzzpeOqKZlCa8se9v9Y0FXu5fTx5EyFiNZundSg3QYpePf0JOWv1WEaO8QRn8_SbKIYXUQ6vMgPs7gHPfEBMZhY7y-l2NVDGCb42DHUDEU718TIbzqSKpJYH3vu-2YlxOD8u_OWID_grpO_fvcnM8QurrVWl6A9o0SNnw4KNL5k4uktovuYkW7w3zxURQq4F_7ewaxhpw7nuZ9-PW2UfCAqRtIbfSFwncJLUajPAsmyPJzLQKWkdk1d-9rKfh5yMZ60bG2D1DaEnm8RBDaqiQlOvFA0Lml2g3ThQeCFfrHHokplZxN-VP6sSbDss_0t9DP_c5Cpzxduhm9OuHx5Q21gls9C3Y2DWvtr7g6W-SGoIueBwcdf_ame6gDjfNXE49ZhHVtVPWvGkXazRm_spzjCtpykrDDICwXLpPmX8z0IXJv-cPCPR5Q-4IETXF_FAvZ2jstG2TlJJVNhJ_WmV2LHsDD0wteczISKcsaIjApGLwBcoIRoWlPXfRPCYWuQYRvhsOjtKrg5BFAb_wOjZJ2If3ZPPMPSAA9PeUxvpqV1xiJb71wYWtnAB83nrm1YBtPglEZSXY3RQGo1zA6FaNTZGLDuuWsWeG0xhhPzzWH3fof7e02XeieZs36NkVI00Sl89ZWhz_p-6DXreS8g3sd4MrHSYnV3rVBf8Im4i9xD9C8isKllgLrr3uKhqJgZY49y1q27znLFi2XwfTmUTQZ0sYhhXUeNzwJAY2KCa0h2RZlEs-Gm842Hc_dG2cXL8Xun7xd4CueBiUazjcpHaq5RfBfec62TtDZUQdDNv3WkItFnBY7axm8FmnCejjNmI2kj08kxqDW3ROndb-t2ZhV6qyr9Pqvg6bRzYuCJw5zU1MdakRwLwY5frjZPyRiQnh6D6Ep4MfwyJbfE5PVF-UIWWN5_3DVRveSoH-BSutYaNS-gV_tCkZHh8Xk3V4c6UsMbs-pSyH6XfFPTMF7bbVyTwD77RV1Ww7yy6ciJTV2DmHJkm4wcCs3f3zXQ0I7NnjCYtWFK0I39-x76ilzcqt2o5cTxkwLhXXkdbG5jt7HUGTT8iG-Cq0odlrDyVIUDXQXrrNqBW1uBYa_GfInf9vyRPzdcvoERb5YPBi_Ya_0Xs9vhyWA8BDIxZBygCX_ZO-IMEZ_pUpSpZyRX31aODSsMcaAzHfXgKhQd26pRlYbzoUPHltmTq4mdIFYL2Vw3FHKobJ7SPWv5eEryw7YuGbRh8PO0WMAu4wos3YlrxACgYcqjYhnHPWHaxVWFoYxfyQw4AYZxVLnq_OcExLzxit_2M1Nf8BbkezvT8R6TpXlE40TPKv9DsBe9wMVPlZFn8EFaxOuULsX0_kJpTkc4kSZVXccHf8LhVTPNy0LYHJnQLiA11yQAOaIj6qDcXJUsNAR-Ue8MPQP5j9O3_362Iie9MED4EMQnVZcTGxuNklyugamA3wov665b_zJtO8hctmYzFDUdeHQpQ2Ip9gwyGzctbq1dhcA50eHCywNkC1x4wWL5qyNLJF2MVILxydZVvQCKSOekWMTnRnyssZfz7C2UQZqmHAn6vXYYuVi9xAg7P0nnLR4baclgpKe6iwFz3qCa5HvYTCXXZjggg0dvboNEJWPTCaE-0fqtAt0eD7jkbd37A90Ur8kIBVKicOaPVu_jXXJwLI4HKgfyaaWQFoS8NsGTXG0hPJFgh24n7A2R6NBOSlCLP4xeYjcgnW7Tsl4UaMiZrz9pN5WTXlk6Xn9UQo8ZgEJv9DbbXkMJk8ejkP473t9kISIAe8urhs_ox9C2kSNzRf-cul7YY7lv0RhXUKbkQVJaynxm2PDMlQGdOXC0UeuCOwei5-57sEKRW7GDHSxDVqGvS45PlEpfilVvyG-Cfh6d8h4hnjJIdMcnZB0ThT-PG75WLr_eAi7A8ttSrsZUK1Hrbo73S3Zkjm-YzeTTL5TuWa1WusI8p3b4ZodlyY65-UK75l5UXghjlbMW_FBjqCmv7zQmyd3td_rgynZjjDMBY855IHbihK8jpcX-GS-em0HJJpaoz4GSRmbhRa_aNXejj0SGGgi9s2vBEDHDM4HbMPIpY8_aBZbwuLVuIutmZjs4nqsfsM4LnHGOmXsEeOaNz2SOKi3Uu2PQqYiudTDjaCOaIIdkWL3Xy_RiHX4CQYAQ3k5LjRuNlE7ZYJxwNKdqC5QbFRQKLRkVLMqD39scZMOUiNnsW_DkeRBDSBlR2-ZQ-PCMkn9JrcNarC-z41Z6b61GJA7FQWodbIRFfota4SPbraPk5yPxcmI7-uDOGrKojHvLhkTs1JQagAIIS6g-DYlLdncd7_HcS0kiri5Biw7QbZGJF7w0XLGcvQQoG6Gg9gXZOjetY-ZjQbalwd3uMdeoVPR23xak6qKl74XmWHojuWvAjgB0slfBWBO-K_qE9VMu0eP_VboMsICXyV0NpsubtUuMrSi8wrmRVF2kJG1A_xdc4DhHNbPNRD6xsMho7kT5hrUQvZQxsoew-yACk2nYNRTe-GPOvd6U69DmeBuCnSpzE4lJHjmh0Cu-12DjMPxdZEBusjBemCKS8uI99N4pzIz5R_VVbQf6XkevfxQQxBiKb54mjb7mgbPLHsBLNfRJor8DeDU4lJ6BZifOnLidpAuCK0ls4oXrdIxhmyoniU6ku0wazV-inQotMAiMbrzfwaVCkEWJmjKVXFkhfY2U8dzh-yXgLygYeUjD-AHkPRS86_8kDiNq5el0bv0Z79D8dWF_5TlWk7z-hT4X_6ckY1avuP36tdWJ4HAQ3u1HU6cHMq5pBGBOtOcNWj4YlRCXDQCgjCdcp4mL7gLJMwGdsKswcwO1WFi8yK819j5dfG-8eT6g65U3KTnePXH1HDSPfMpG-jJic1wP2sf5dQtmOdYqJkPFR8woyi12VFf_Nvc67JhhAs1GLiNKfNKE6BN-37mAZRZaryUliKLteJRyHFhOIwjPUFuvrL4P8GBkPzzXX1sEna-7-Pfx6f_Caf76FYg8rU0yIP6nr-9Rf3TZio-H_XqGYyltyXrACL51wMB6YSQo_Y_BOoTQeAFWHsennsDQJXO7OuwCM0rmsKy6knmcva3YhiM4EYBfhRhS-d0opR5_WEUSBYCxIQQtoCCWqjpcXJp3DTftaeV_OC0gANebboHRNdcDJUvkU9tFB3Hs7o&cid=CAQSSwDICaaNJbFzu9Cxe7AMNQ6eVxW4vFXutP-awp2JIjCBzLABLLjk2hS4XjNX2DIxYdUMJ36IspgcxuAtIYcsiEpj8d-AepngaWIwUBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=17790655462619904000&adk=250412560&idt=1112&cac=0&dtd=62

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

561816271d18d5622930ec9552ff956c8613948d2ccf47872322dfd8dc825c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11908
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 22D0 422 B
569 B 157ms
156ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=file-upload.in&sn=ChromeSyncframe&so=0&topUrl=www.file-upload.in&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

800e083bc13f36849a6eaf79edd2102d08f62a635d29e0acca022bbf1d97e117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.file-upload.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1488884
expires: 0

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 478ms
68ms Preflight
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CDkdAILIUZZr4CPSM1PIPr4imqAHW9eDRccnB6s-BEWQQASCVm8ohYPWVzoHgBKAB3NjF1QPIAQmpAgB3GZzURLI-4AIAqAMByAPLBKoExQJP0MZVtzxn1412Iy-o8f1sNnGTkAqmOdQCAV9eEi9TOlX2V3hZtqbQUF7XzZvlfAehn1eTuq1O88X_pKgiaqMUogttFN5cBLk2dzzrllMow3F4yDiKtE6j-UkCYUq0765ofKQcHp6qbMJN514Dswsz3lXQDNzymslfXWdSUn6hGVuOB1DzkdDrUgMMEX4xnUvRUnG4WBJfFm0rzwQDvLISGDxlkU0eAbJvDYj3Y5M-y1c4BjanTQT5GIHIp9_7O9VC7PR4U-0-blfRkW5HEe1L40qDKP5211_Dmeyo_X9xBmCuTJQzv-fxO05r_JdmmpEDAsbQs7qGJuGO3GxM5pNM1OtMmpdsqd9WkPv4wsX7DBCtYr9hlq59-tmtTEM-_9mX01WaGIdoVnCwnBBT1aSyubxCu9SvdTvy-MS-tGinQ90t4-CAwATu0L7LjQTgBAGIBY3MzKJDkgUECAQYAZIFBAgFGASgBi6AB4ynuiqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD_wwvSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJJ2h0dHBzOi8vd3d3LnBmaXN0ZXIuY2gvZGU_Z2Nsc3JjPWF3LmRzJoAKA8gLAZgMvcL1zf4D2gwQCgoQkJu35bXWq5xwEgIBA-INEwiAy-rX8MuBAxV0BlUIHS-ECRW4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=jYPuIQSd3rQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNOMcpEKlyt0oHOAfQk1xmR86Xiw1MGVFts531A7NHVQQQSvJmKMeGk1M3-gueceJflOgaHj5ZF67iW_6PqXncp91TCWlbvxgB&template_id=515&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 22:52:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 87BC
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CDkdAILIUZZr4CPSM1PIPr4imqAHW9eDRccnB6s-BEWQQASCVm8ohYPWVzoHgBKAB3NjF1QPIAQmpAgB3GZzURLI-4AIAqAMByAPLBKoExQJP0MZVtzxn1412Iy-o8f1sNnGTkAqmOdQC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7fe09cc22d90d8f50000000000000000%22,%222%22:%220xdd913cbace09cbd90000000000000000%22,%223%22:%220xc54c8c...

0
0

184ms
102ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7fe09cc22d90d8f50000000000000000%22,%222%22:%220xdd913cbace09cbd90000000000000000%22,%223%22:%220xc54c8c93252f75e70000000000000000%22,%224%22:%220xa90d195c63ba23cb0000000000000000%22,%225%22:%220x1420a8472557dc750000000000000000%22},%22debug_key%22:%221216578075565985896%22,%22debug_reporting%22:true,%22destination%22:%22https://pfister.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22984706140%22],%224%22:[%2209-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210929239230731667313%22}&andc=true

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7fe09cc22d90d8f50000000000000000","2":"0xdd913cbace09cbd90000000000000000","3":"0xc54c8c93252f75e70000000000000000","4":"0xa90d195c63ba23cb0000000000000000","5":"0x1420a8472557dc750000000000000000"},"debug_key":"1216578075565985896","debug_reporting":true,"destination":"https://pfister.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["984706140"],"4":["09-27"],"6":["true"]},"priority":"500","source_event_id":"10929239230731667313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 22:52:18 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7fe09cc22d90d8f50000000000000000","2":"0xdd913cbace09cbd90000000000000000","3":"0xc54c8c93252f75e70000000000000000","4":"0xa90d195c63ba23cb0000000000000000","5":"0x1420a8472557dc750000000000000000"},"debug_key":"1216578075565985896","debug_reporting":true,"destination":"https://pfister.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["984706140"],"4":["09-27"],"6":["true"]},"priority":"500","source_event_id":"10929239230731667313"}&andc=true
access-control-allow-origin: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 87BC 33 KB
33 KB 98ms
97ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 409697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 05:04:01 GMT

GET
H2 200 zoJWBzK8T3bx0gS17Fy3cZjSCDkxpLbxY97VcN3Od5s.js Show response
pagead2.googlesyndication.com/bg/ Frame DE19 37 KB
15 KB 83ms
82ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zoJWBzK8T3bx0gS17Fy3cZjSCDkxpLbxY97VcN3Od5s.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ce82560732bc4f76f1d204b5ec5cb77198d2083931a4b6f163ded570ddce779b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:21:28 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 17F9 41 KB
14 KB 77ms
76ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6iFhfKjB-bh0KUa55o1LL_EZ9c4lqoMPmvkGtG76SrE_odfk-mrULexFJ6gfaZc5cK_7fUDishLoOEgMF3Gu-wEkB3Ybyb0KdghxEWHCxmW7i2vGBT2uTeMTH6z1pv-s-snGKMN9ribK0m-rbXzyb1PzCbdnb_lAKiLY_MFE4dF5y89g&cry=1&dbm_d=AKAmf-Dmb2xuznlzzpeOqKZlCa8se9v9Y0FXu5fTx5EyFiNZundSg3QYpePf0JOWv1WEaO8QRn8_SbKIYXUQ6vMgPs7gHPfEBMZhY7y-l2NVDGCb42DHUDEU718TIbzqSKpJYH3vu-2YlxOD8u_OWID_grpO_fvcnM8QurrVWl6A9o0SNnw4KNL5k4uktovuYkW7w3zxURQq4F_7ewaxhpw7nuZ9-PW2UfCAqRtIbfSFwncJLUajPAsmyPJzLQKWkdk1d-9rKfh5yMZ60bG2D1DaEnm8RBDaqiQlOvFA0Lml2g3ThQeCFfrHHokplZxN-VP6sSbDss_0t9DP_c5Cpzxduhm9OuHx5Q21gls9C3Y2DWvtr7g6W-SGoIueBwcdf_ame6gDjfNXE49ZhHVtVPWvGkXazRm_spzjCtpykrDDICwXLpPmX8z0IXJv-cPCPR5Q-4IETXF_FAvZ2jstG2TlJJVNhJ_WmV2LHsDD0wteczISKcsaIjApGLwBcoIRoWlPXfRPCYWuQYRvhsOjtKrg5BFAb_wOjZJ2If3ZPPMPSAA9PeUxvpqV1xiJb71wYWtnAB83nrm1YBtPglEZSXY3RQGo1zA6FaNTZGLDuuWsWeG0xhhPzzWH3fof7e02XeieZs36NkVI00Sl89ZWhz_p-6DXreS8g3sd4MrHSYnV3rVBf8Im4i9xD9C8isKllgLrr3uKhqJgZY49y1q27znLFi2XwfTmUTQZ0sYhhXUeNzwJAY2KCa0h2RZlEs-Gm842Hc_dG2cXL8Xun7xd4CueBiUazjcpHaq5RfBfec62TtDZUQdDNv3WkItFnBY7axm8FmnCejjNmI2kj08kxqDW3ROndb-t2ZhV6qyr9Pqvg6bRzYuCJw5zU1MdakRwLwY5frjZPyRiQnh6D6Ep4MfwyJbfE5PVF-UIWWN5_3DVRveSoH-BSutYaNS-gV_tCkZHh8Xk3V4c6UsMbs-pSyH6XfFPTMF7bbVyTwD77RV1Ww7yy6ciJTV2DmHJkm4wcCs3f3zXQ0I7NnjCYtWFK0I39-x76ilzcqt2o5cTxkwLhXXkdbG5jt7HUGTT8iG-Cq0odlrDyVIUDXQXrrNqBW1uBYa_GfInf9vyRPzdcvoERb5YPBi_Ya_0Xs9vhyWA8BDIxZBygCX_ZO-IMEZ_pUpSpZyRX31aODSsMcaAzHfXgKhQd26pRlYbzoUPHltmTq4mdIFYL2Vw3FHKobJ7SPWv5eEryw7YuGbRh8PO0WMAu4wos3YlrxACgYcqjYhnHPWHaxVWFoYxfyQw4AYZxVLnq_OcExLzxit_2M1Nf8BbkezvT8R6TpXlE40TPKv9DsBe9wMVPlZFn8EFaxOuULsX0_kJpTkc4kSZVXccHf8LhVTPNy0LYHJnQLiA11yQAOaIj6qDcXJUsNAR-Ue8MPQP5j9O3_362Iie9MED4EMQnVZcTGxuNklyugamA3wov665b_zJtO8hctmYzFDUdeHQpQ2Ip9gwyGzctbq1dhcA50eHCywNkC1x4wWL5qyNLJF2MVILxydZVvQCKSOekWMTnRnyssZfz7C2UQZqmHAn6vXYYuVi9xAg7P0nnLR4baclgpKe6iwFz3qCa5HvYTCXXZjggg0dvboNEJWPTCaE-0fqtAt0eD7jkbd37A90Ur8kIBVKicOaPVu_jXXJwLI4HKgfyaaWQFoS8NsGTXG0hPJFgh24n7A2R6NBOSlCLP4xeYjcgnW7Tsl4UaMiZrz9pN5WTXlk6Xn9UQo8ZgEJv9DbbXkMJk8ejkP473t9kISIAe8urhs_ox9C2kSNzRf-cul7YY7lv0RhXUKbkQVJaynxm2PDMlQGdOXC0UeuCOwei5-57sEKRW7GDHSxDVqGvS45PlEpfilVvyG-Cfh6d8h4hnjJIdMcnZB0ThT-PG75WLr_eAi7A8ttSrsZUK1Hrbo73S3Zkjm-YzeTTL5TuWa1WusI8p3b4ZodlyY65-UK75l5UXghjlbMW_FBjqCmv7zQmyd3td_rgynZjjDMBY855IHbihK8jpcX-GS-em0HJJpaoz4GSRmbhRa_aNXejj0SGGgi9s2vBEDHDM4HbMPIpY8_aBZbwuLVuIutmZjs4nqsfsM4LnHGOmXsEeOaNz2SOKi3Uu2PQqYiudTDjaCOaIIdkWL3Xy_RiHX4CQYAQ3k5LjRuNlE7ZYJxwNKdqC5QbFRQKLRkVLMqD39scZMOUiNnsW_DkeRBDSBlR2-ZQ-PCMkn9JrcNarC-z41Z6b61GJA7FQWodbIRFfota4SPbraPk5yPxcmI7-uDOGrKojHvLhkTs1JQagAIIS6g-DYlLdncd7_HcS0kiri5Biw7QbZGJF7w0XLGcvQQoG6Gg9gXZOjetY-ZjQbalwd3uMdeoVPR23xak6qKl74XmWHojuWvAjgB0slfBWBO-K_qE9VMu0eP_VboMsICXyV0NpsubtUuMrSi8wrmRVF2kJG1A_xdc4DhHNbPNRD6xsMho7kT5hrUQvZQxsoew-yACk2nYNRTe-GPOvd6U69DmeBuCnSpzE4lJHjmh0Cu-12DjMPxdZEBusjBemCKS8uI99N4pzIz5R_VVbQf6XkevfxQQxBiKb54mjb7mgbPLHsBLNfRJor8DeDU4lJ6BZifOnLidpAuCK0ls4oXrdIxhmyoniU6ku0wazV-inQotMAiMbrzfwaVCkEWJmjKVXFkhfY2U8dzh-yXgLygYeUjD-AHkPRS86_8kDiNq5el0bv0Z79D8dWF_5TlWk7z-hT4X_6ckY1avuP36tdWJ4HAQ3u1HU6cHMq5pBGBOtOcNWj4YlRCXDQCgjCdcp4mL7gLJMwGdsKswcwO1WFi8yK819j5dfG-8eT6g65U3KTnePXH1HDSPfMpG-jJic1wP2sf5dQtmOdYqJkPFR8woyi12VFf_Nvc67JhhAs1GLiNKfNKE6BN-37mAZRZaryUliKLteJRyHFhOIwjPUFuvrL4P8GBkPzzXX1sEna-7-Pfx6f_Caf76FYg8rU0yIP6nr-9Rf3TZio-H_XqGYyltyXrACL51wMB6YSQo_Y_BOoTQeAFWHsennsDQJXO7OuwCM0rmsKy6knmcva3YhiM4EYBfhRhS-d0opR5_WEUSBYCxIQQtoCCWqjpcXJp3DTftaeV_OC0gANebboHRNdcDJUvkU9tFB3Hs7o&cid=CAQSSwDICaaNJbFzu9Cxe7AMNQ6eVxW4vFXutP-awp2JIjCBzLABLLjk2hS4XjNX2DIxYdUMJ36IspgcxuAtIYcsiEpj8d-AepngaWIwUBgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.file-upload.in%2F&ds=l&xdt=1&iif=1&cor=17790655462619904000&adk=250412560&idt=1112&cac=0&dtd=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 555950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 12:26:28 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 17F9
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1380004/69892548/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REU...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbC...

72 KB
25 KB

233ms
100ms

Script
text/javascript

108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbCcFkopQ0RX0ztZYi5rGn5c9V1MJGZ2BM_nZZ8Q2KlzYZ5jTfFATgmKnjOK3pDcNCInzW15vQmwodf7mv7kp4vLU0rJkS9VI3oJ4S2RcAoCZ_4MNeQDjZd2lbkrD9I28fO1hHoaoGIXnOlcOAaCDFQevy59i42yoRYaNYJ0iXf-h2l2IYPhI9S_Ao0-mN8ylhmIjARAmvAvxHOlhtONi3y54KDyMYL-zCkxcWr7RQ4i8X_kbZ-t4zgBKYv-yqu_0CQZ6CIXPvvXU_w3g_3wNcAMoGGNjjakhQLgZqnwI-sFcg7QKwdd6mqMpuOHfm1RtbBAx5lO9dWx0IRNa8tv1O3jMEtG4Rl7ccJq3Kozid1JnJBLHKsg8Kg3PXdF1qSl64H1-4oN5NGfzkagkqZxK7T0waOsKR5So7US-ti2qLwCz4W6zgPfyDM4rS9EGDtZZR7fnsML9HXWNNqo8eXj-wdJIeJ1TAlrD0Lcj2Ng-PZfEpAYki96HfAcYscvswxAiXGBnBlKfZcrDP1K_sA8eMDho-qjx4C5rMxo03CTbJF-o5RX5M_389l4BjMR257cPsW2IdpxAEeW_VoNV0nX-PQH04iXQ_N0NR83U8c5aL9igTOQWZFEfLpPB42SGxtFr9aRBsd6-ikWUBk1pcCxxoUEL0hdtifw2URpcKPfYjbVU55_UiCprYlzQdit8pJdcCW-Cqp8KRM8kCOcpGHFU__-fxl2Gp8Q2S6UXBMlH81ItarfqkcBnQYkv0zcFFVYgXpZuEYKr_h-eYIUBQVcGWnStqLp5lChcJAjuRU2N42Tssgu3-832pyJoQVuTLC8BU8qX36zUCRR6WwexIPjtC8Cb_703tD8-qS4ohTjGouYm8vG4oDxqIVLx_QjBOnvMTtlG8F31iRTb57KE6aGLJmluFQpCxpcoRfENNQqU8VBYrsFTjL5ZQn5qdZXc1xg230_yUmMFPhOpZdbSxEECqdsEDXyk7nOXilxhIKQu-CXuFSOsClnbceVESLTQnWeXATouG0uOrlgXDC7elgH-z0ZOKfE0XN4ygOr9TtI-Fn11v3vwGxgw4NvzsaW6uYsqduJJKWbD8f7V0leKC2UNiF9Nho5KgX6p7bgvWh9_qQPzS2xtlx5WMnHHQFqe6PypaQu55w3e3AQWVTcM5Xjzd-hrm900VnykMyRmT069MgkycYF5x6SigEIQRlWryjt5-D5qSKTlTN0iMB8r8oyCaVo-Vfx0eCCMdvGyWVty_YTknTe9R_p-3GF195WsOT1B9Xt27rP3Yr94TZstuE9vD5p5-xLJSUSb5uG96ZpD4KWO7InKS0ripufaeDqs-Nxpw4AT7ymHPlPYSedwonUyTKAaXBC-3dyl10OBFec73ppgfq5-BJfVSaahmmXSzsLzSOQ5h8duesCayYhnP81OoSROAfYiYUBQbhwYzfws_6cFkoECl1bh2WYRBX3wRdsxWcQnNdPoHUWB_vdsK8M6rg2R-QnzbXHzyaPxyFmZ4rclsI4BE8Z5DyRYg809cFzuGp8PG-oW1Fc0htt5-gc5-TX32TWntYzlIrwjKviggHIYlEICys6-GKgk-E60YXBEy3A3Bz-TzABWU1FaLibcNZKJ9DSqgGo5qnIVpAGXvtuguUZxO0cBiEHTp4jPsTpJyXwGWGHt8b2gD35QFDlQ_sW2fBRaiZ6CgBa8BKUKL2UrPW4ByExb7smwsuHTEcxHg_D6CO18T77rQHGAGNGC9wtN7Dqv4yOwLPFqXexV3FrrRST6MQyiP6kh01lFwKvLqe8DCrWlfi12pMoxGdTX9fdUCzAlPnWXV2hVLAnalhCk0CzihxcE5kibcWNkNDxgTFZDvh3E90513BIeCd5jLqXZICU6WEA6VqqWlk63fU0YtrraYwlJn8WH46IGCP4UneVwwtu4JD85WNp8PbtJFhE8yKQgm99OpmP3mckLcm56hRXX4bAl2JdpG7NQEMKyWoCy51n4VSuE2JeFgqA0vjLIZNjQWM6gwQYN7mT3BEG2vWoRUur8qVq9kfVlU6p5FgyN1-at-nDPvmqUAEpuWJgQUSQdFFBspsstSp7HyIY_Q5T5Y2-bEu0sAJ7hYC8Jz6b1GTQhW2M2Rg4DpyDTYpjYAWwYtuRXkzqeF0Vt8jHHLs-fbaoyvQ9NjCvG03TJXI37QVWn3wrVM5UHdnUJMHRNUapzgw1iThvdAJCKSnW2E4JVvdcIn2oYpuaFDOFI0-PgOX39rHmIb0rV5HdcR018ecIlhJ39-4-QnYtvI_fbracFiHjQvQIl6YaViQgxo-vqgvKv87R6vQ3OEGOMGz3EUudlU7vMuLP5e39o7q5CdcVxsbymJduNI0_EbAiYU1LHMipuhf2inqJc3K5VO1drsWVMh-CAZ3PG1-RKJc2vqEayKK7Ys8JLpwnmV-aXvEnNJTq29yyTh9_8BZn3mjLAfqXWTiQ-U1dLhFCl0KJKkOTj4RH-rkhDhIDmcV5ezCGhHsq9ZUhHFviM85vtWlWGoZ00lkwyUYGlyZLlEkkeASSoW7Dhj8dIDF98lKlP-XszgKUfDn0BWiJ2yAWsoiWXB_SkduIpuk6H_LqTy_yoAVDoTapmlJ9sFDMPHL7CevtiUvrCfIQpFMgdWjBAsoCb8Vv18mgcZYAEK-kkLCrnaoDnI2pXN84QeP0EEirzdNiajbjSFacwzz1pJv4uhbw_NKq7_lgX7QF3BolGn9bKXLIQKrLy4f3lvLH_aFayalxCZhxINQHKrCxvb8aj1kerNuntZoOH8dWuuyigRxC_ebAek9is8v8i-aQ5go7elxdAVXfGXmRnmMbrZvTzRVNOWk0etH0SYB7EaHy1KSTYOLU6wADUEK4T7oASYRiOg1s49sutM3Oyh-EW31lMQ7Cv12kmLPCNK1byuRTJ_URXD0Tdcz-qOdMJOPOErMFzS_hKnccHw9sKC5lvNa5kFptmaoYykov0apSczpwmw9hyIszXNfMYobF--0cy8PaMXuptD6sOzZmZAU-neTVWuekGXDkIZ9W-FPpZOJPVA37lrFIhepKJJb1LPgcwOaKdQonZftJDzy3dl5g8l8Zsqs9zp4PtYObUaybzMqsr3_0r11ziGEKh86eONDgWNdKTht8jXaiKw3d6-uCEw0dTgcpIiyKTNahRMdZFS3_B1cthwE_JpTjieb1DApxw-yYscl3hSWkZjasZJXxPuErUCfMIFRloOLk25G0egM26dDRJwN3hLbO4YYdztzXmfC1K5pJwEqvXWUzZrQ7cb59l5OVqr0lVTojF7yon-auwjOMuXlDKhVWI74mIW4cyiaTPb4ubTREReVUkICgG55onYe2HRzN5dUXzrS-3aZ-Qdfh4MOYo-F0jSzIXxRztthD5Y71nrvEOy26SlkTRLWOjs0SF5qH6E7jo48pvAPaZVsN21EAXghAgER7DnW15PGcngjR7x3OzEXsbsrXClzDjObjCKgsBASGOyyF7-mVnESXmuMlKUaI-IllrFwn2G8tB5cmJVbEbmGTozEe0oXdg2H3hzyDkCAc4O5wri4px6gTFrLgClSzovYCETDnowulyrqsvztGTHZ1PCJJHQhwG2H94x485UImWoO5eiobEN9XC-m_bv2e3l9DLbly8CazOFTJOFx28-CNL4cuzNieOLfdwbbYAHiEX2xBLla9sOVPKg9ZO2JgQyDr2dg-KgSYOILu_ZepPt0V10ZAEK-euB5ggvyY6GI3FQUwxHp_bNmqcs6A9R7v_pOCGlP2K94vFXdbI4PW781HZnmGOZJcK30NqvaQTut9sggLst6XVVArthxkG7FPngLsnzOEfOpSG0IwkXf2SdDgJSV6vdjGZgp010cnfbIwEUnVg0mAdV3Pi21mcS50385vp8lMHGZAlkdSzu2JRoxXgXRaF3JxMMjAGVJUaNeSmTEmPHp6Xjm9VF0I0n1D2B2EloXwOTaa-x0qJAggvvxzaHlBP4gBreYwAFjRDge9Vj1kHJn9Am_MYE7bERvnP_GrVivBsLlG8tzjZ3WU0888kVzw2ORuc8KtVAZZV9SAI_9OKZahR8tzt-X97qNgdG2Y8U9BdqPTAodnEcgOkzPRal1rJDNZLNaYllCUgpiH6GTZ-SM9H7-sbbS2JiS-gaUQgEEksAyAmmjSWxc7vQsXuwDDUOnlcVuLxV7rT_msKdiSIwgcywASy45NoUuF4zV9gyMWHVDCd-iLKYHMbgLSGHLIhKY_HfgHqZ4GliMFAYAWAB&cry=1&bundleId=

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

cafe /

Resource Hash

3f554639522d67bc3be8d886512ac0b5b46608c45e7ed34795a4af2378942861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25273
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbCcFkopQ0RX0ztZYi5rGn5c9V1MJGZ2BM_nZZ8Q2KlzYZ5jTfFATgmKnjOK3pDcNCInzW15vQmwodf7mv7kp4vLU0rJkS9VI3oJ4S2RcAoCZ_4MNeQDjZd2lbkrD9I28fO1hHoaoGIXnOlcOAaCDFQevy59i42yoRYaNYJ0iXf-h2l2IYPhI9S_Ao0-mN8ylhmIjARAmvAvxHOlhtONi3y54KDyMYL-zCkxcWr7RQ4i8X_kbZ-t4zgBKYv-yqu_0CQZ6CIXPvvXU_w3g_3wNcAMoGGNjjakhQLgZqnwI-sFcg7QKwdd6mqMpuOHfm1RtbBAx5lO9dWx0IRNa8tv1O3jMEtG4Rl7ccJq3Kozid1JnJBLHKsg8Kg3PXdF1qSl64H1-4oN5NGfzkagkqZxK7T0waOsKR5So7US-ti2qLwCz4W6zgPfyDM4rS9EGDtZZR7fnsML9HXWNNqo8eXj-wdJIeJ1TAlrD0Lcj2Ng-PZfEpAYki96HfAcYscvswxAiXGBnBlKfZcrDP1K_sA8eMDho-qjx4C5rMxo03CTbJF-o5RX5M_389l4BjMR257cPsW2IdpxAEeW_VoNV0nX-PQH04iXQ_N0NR83U8c5aL9igTOQWZFEfLpPB42SGxtFr9aRBsd6-ikWUBk1pcCxxoUEL0hdtifw2URpcKPfYjbVU55_UiCprYlzQdit8pJdcCW-Cqp8KRM8kCOcpGHFU__-fxl2Gp8Q2S6UXBMlH81ItarfqkcBnQYkv0zcFFVYgXpZuEYKr_h-eYIUBQVcGWnStqLp5lChcJAjuRU2N42Tssgu3-832pyJoQVuTLC8BU8qX36zUCRR6WwexIPjtC8Cb_703tD8-qS4ohTjGouYm8vG4oDxqIVLx_QjBOnvMTtlG8F31iRTb57KE6aGLJmluFQpCxpcoRfENNQqU8VBYrsFTjL5ZQn5qdZXc1xg230_yUmMFPhOpZdbSxEECqdsEDXyk7nOXilxhIKQu-CXuFSOsClnbceVESLTQnWeXATouG0uOrlgXDC7elgH-z0ZOKfE0XN4ygOr9TtI-Fn11v3vwGxgw4NvzsaW6uYsqduJJKWbD8f7V0leKC2UNiF9Nho5KgX6p7bgvWh9_qQPzS2xtlx5WMnHHQFqe6PypaQu55w3e3AQWVTcM5Xjzd-hrm900VnykMyRmT069MgkycYF5x6SigEIQRlWryjt5-D5qSKTlTN0iMB8r8oyCaVo-Vfx0eCCMdvGyWVty_YTknTe9R_p-3GF195WsOT1B9Xt27rP3Yr94TZstuE9vD5p5-xLJSUSb5uG96ZpD4KWO7InKS0ripufaeDqs-Nxpw4AT7ymHPlPYSedwonUyTKAaXBC-3dyl10OBFec73ppgfq5-BJfVSaahmmXSzsLzSOQ5h8duesCayYhnP81OoSROAfYiYUBQbhwYzfws_6cFkoECl1bh2WYRBX3wRdsxWcQnNdPoHUWB_vdsK8M6rg2R-QnzbXHzyaPxyFmZ4rclsI4BE8Z5DyRYg809cFzuGp8PG-oW1Fc0htt5-gc5-TX32TWntYzlIrwjKviggHIYlEICys6-GKgk-E60YXBEy3A3Bz-TzABWU1FaLibcNZKJ9DSqgGo5qnIVpAGXvtuguUZxO0cBiEHTp4jPsTpJyXwGWGHt8b2gD35QFDlQ_sW2fBRaiZ6CgBa8BKUKL2UrPW4ByExb7smwsuHTEcxHg_D6CO18T77rQHGAGNGC9wtN7Dqv4yOwLPFqXexV3FrrRST6MQyiP6kh01lFwKvLqe8DCrWlfi12pMoxGdTX9fdUCzAlPnWXV2hVLAnalhCk0CzihxcE5kibcWNkNDxgTFZDvh3E90513BIeCd5jLqXZICU6WEA6VqqWlk63fU0YtrraYwlJn8WH46IGCP4UneVwwtu4JD85WNp8PbtJFhE8yKQgm99OpmP3mckLcm56hRXX4bAl2JdpG7NQEMKyWoCy51n4VSuE2JeFgqA0vjLIZNjQWM6gwQYN7mT3BEG2vWoRUur8qVq9kfVlU6p5FgyN1-at-nDPvmqUAEpuWJgQUSQdFFBspsstSp7HyIY_Q5T5Y2-bEu0sAJ7hYC8Jz6b1GTQhW2M2Rg4DpyDTYpjYAWwYtuRXkzqeF0Vt8jHHLs-fbaoyvQ9NjCvG03TJXI37QVWn3wrVM5UHdnUJMHRNUapzgw1iThvdAJCKSnW2E4JVvdcIn2oYpuaFDOFI0-PgOX39rHmIb0rV5HdcR018ecIlhJ39-4-QnYtvI_fbracFiHjQvQIl6YaViQgxo-vqgvKv87R6vQ3OEGOMGz3EUudlU7vMuLP5e39o7q5CdcVxsbymJduNI0_EbAiYU1LHMipuhf2inqJc3K5VO1drsWVMh-CAZ3PG1-RKJc2vqEayKK7Ys8JLpwnmV-aXvEnNJTq29yyTh9_8BZn3mjLAfqXWTiQ-U1dLhFCl0KJKkOTj4RH-rkhDhIDmcV5ezCGhHsq9ZUhHFviM85vtWlWGoZ00lkwyUYGlyZLlEkkeASSoW7Dhj8dIDF98lKlP-XszgKUfDn0BWiJ2yAWsoiWXB_SkduIpuk6H_LqTy_yoAVDoTapmlJ9sFDMPHL7CevtiUvrCfIQpFMgdWjBAsoCb8Vv18mgcZYAEK-kkLCrnaoDnI2pXN84QeP0EEirzdNiajbjSFacwzz1pJv4uhbw_NKq7_lgX7QF3BolGn9bKXLIQKrLy4f3lvLH_aFayalxCZhxINQHKrCxvb8aj1kerNuntZoOH8dWuuyigRxC_ebAek9is8v8i-aQ5go7elxdAVXfGXmRnmMbrZvTzRVNOWk0etH0SYB7EaHy1KSTYOLU6wADUEK4T7oASYRiOg1s49sutM3Oyh-EW31lMQ7Cv12kmLPCNK1byuRTJ_URXD0Tdcz-qOdMJOPOErMFzS_hKnccHw9sKC5lvNa5kFptmaoYykov0apSczpwmw9hyIszXNfMYobF--0cy8PaMXuptD6sOzZmZAU-neTVWuekGXDkIZ9W-FPpZOJPVA37lrFIhepKJJb1LPgcwOaKdQonZftJDzy3dl5g8l8Zsqs9zp4PtYObUaybzMqsr3_0r11ziGEKh86eONDgWNdKTht8jXaiKw3d6-uCEw0dTgcpIiyKTNahRMdZFS3_B1cthwE_JpTjieb1DApxw-yYscl3hSWkZjasZJXxPuErUCfMIFRloOLk25G0egM26dDRJwN3hLbO4YYdztzXmfC1K5pJwEqvXWUzZrQ7cb59l5OVqr0lVTojF7yon-auwjOMuXlDKhVWI74mIW4cyiaTPb4ubTREReVUkICgG55onYe2HRzN5dUXzrS-3aZ-Qdfh4MOYo-F0jSzIXxRztthD5Y71nrvEOy26SlkTRLWOjs0SF5qH6E7jo48pvAPaZVsN21EAXghAgER7DnW15PGcngjR7x3OzEXsbsrXClzDjObjCKgsBASGOyyF7-mVnESXmuMlKUaI-IllrFwn2G8tB5cmJVbEbmGTozEe0oXdg2H3hzyDkCAc4O5wri4px6gTFrLgClSzovYCETDnowulyrqsvztGTHZ1PCJJHQhwG2H94x485UImWoO5eiobEN9XC-m_bv2e3l9DLbly8CazOFTJOFx28-CNL4cuzNieOLfdwbbYAHiEX2xBLla9sOVPKg9ZO2JgQyDr2dg-KgSYOILu_ZepPt0V10ZAEK-euB5ggvyY6GI3FQUwxHp_bNmqcs6A9R7v_pOCGlP2K94vFXdbI4PW781HZnmGOZJcK30NqvaQTut9sggLst6XVVArthxkG7FPngLsnzOEfOpSG0IwkXf2SdDgJSV6vdjGZgp010cnfbIwEUnVg0mAdV3Pi21mcS50385vp8lMHGZAlkdSzu2JRoxXgXRaF3JxMMjAGVJUaNeSmTEmPHp6Xjm9VF0I0n1D2B2EloXwOTaa-x0qJAggvvxzaHlBP4gBreYwAFjRDge9Vj1kHJn9Am_MYE7bERvnP_GrVivBsLlG8tzjZ3WU0888kVzw2ORuc8KtVAZZV9SAI_9OKZahR8tzt-X97qNgdG2Y8U9BdqPTAodnEcgOkzPRal1rJDNZLNaYllCUgpiH6GTZ-SM9H7-sbbS2JiS-gaUQgEEksAyAmmjSWxc7vQsXuwDDUOnlcVuLxV7rT_msKdiSIwgcywASy45NoUuF4zV9gyMWHVDCd-iLKYHMbgLSGHLIhKY_HfgHqZ4GliMFAYAWAB&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A5F7 91 KB
23 KB 505ms
67ms Script
application/javascript 13.225.78.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-121.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 9595950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8xhpY7KS8uityarTafVcRLWp0ix2lK94aKLKXdfvmFCwVqXliYtpfg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 17F9 43 B
216 B 929ms
187ms Image
image/gif 35.166.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1380004&asId=7806fc09-3a36-65c5-5bb6-088ea9aee039&tv=%7Bc:psHYkp,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tR6jkMq+11%7C12%7C13%7C14*.1380004-69892548%7C141%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:26%7D&br=c
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.194.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-194-19.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:19 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 17F9 43 B
215 B 929ms
191ms Image
image/gif 35.166.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1380004&asId=7806fc09-3a36-65c5-5bb6-088ea9aee039&tv=%7Bc:psHYkq,pingTime:-6,time:56,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tR6jkMq+11%7C12%7C13%7C14*.1380004-69892548%7C141%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:26%7D&tpiLookup=ao:www.file-upload.in*&br=c
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.194.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-194-19.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:19 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 17F9 43 B
215 B 925ms
189ms Image
image/gif 35.166.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1380004&asId=7806fc09-3a36-65c5-5bb6-088ea9aee039&tv=%7Bc:psHYku,pingTime:-2,time:60,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1627,beZ:1629,mfA:1632,cmA:1634,inA:1634,inZ:1639,prA:1640,prZ:1645,si:1653,poA:1655,poZ:1679,cmZ:1679,mfZ:1679,loA:1683,loZ:1686,ltA:1687,ltZ:1687%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tR6jkMq+11%7C12%7C13%7C14*.1380004-69892548%7C141%7C151%7C16%7C17,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:26,sinceFw:32,readyFired:false%7D&br=c
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.194.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-194-19.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:19 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 833A 22 KB
8 KB 34ms
33ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 555950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 12:26:28 GMT
expires: Fri, 20 Sep 2024 12:26:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zoJWBzK8T3bx0gS17Fy3cZjSCDkxpLbxY97VcN3Od5s.js Show response
pagead2.googlesyndication.com/bg/ Frame 833A 37 KB
14 KB 38ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zoJWBzK8T3bx0gS17Fy3cZjSCDkxpLbxY97VcN3Od5s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ce82560732bc4f76f1d204b5ec5cb77198d2083931a4b6f163ded570ddce779b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 07:21:28 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 833A 0
56 B 87ms
86ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqhRDIrIUZfGnA9KGgQf1l574BgAAAAA4AeAEAg&bg=!u7iluPfNAAbbC4-Z-ws7ADQBe5WfOCQMDvMfBmImfdiBc_y89GTgh3BiPiOHEK22rPqGWiePRxGT9MON3p9EWgd6BJ_PAgAAAE1SAAAABmgBB5kDFQ7j10kAXGtW3zs071o0f_i4iTQ7W_9aqBE1XkVWC6m_H8QdBlxBlnFMulkviMvELGAew1yVzpefseuiQ3izfUxE8BGhgzhAxT4PzViX2zmOdE4-5aEa3rIhE7MmZTORBymK3Vaf4_w-EH-gxOhmcSKgaMCFEjySfp6lTt2vOmiNrwRig50h2XCs1oShODSPyhmCXoFmaRPNV7sDtgiQjAw12zrPtoQvF-DqN8qWA_zbbMbCJg9t5YQk6jWnLjdOLbvOvkQLbM31kLrmdB1mILXAaUm9rmHSlMrg2lyfpD9LS_KrgfQ6gKyyoqiwnTaCGEna7ff_36IKzLaWa244Vv58ijw1KnOeVZ_7bOPIDjPjnzFe8JUOnBh5OfX1ApZBRa4W2i6PlcS5BZNlKr2MNJhkDEQoRCAmshjyAQQIMjkX8c6dY_74yUevrzgBlj6aW_XabTyx0fsxolP5iC0dZGfWrEdk3MCc9U6uXUJ_pfsCR2L7sUuvwlBax_OoX4jb4JxraUPYxNNK7xuJPiR9D6oBcFnTIM0-f6v87dTMRLSyGfUNbV_Tlrew_12fDzJSOWgCfdOv0vTxViN5IUGzNtsUJi8J_MhcArYu3U2j7eP4O2Jq6rihuWHAvUp0wc2hoB2Dt9Ik73vEFzBo-tRXrNu3OkeIhCy3mN0ZvBGxj2AZzgoiKjsS0svaja823VtEe30l62zB5Hn0vEhjBOUSQ8HKWjj52uAds2hGxZjONnDlZfLcZT7tTAExvgZtHy7FOFrerT_l65CHmWY9GL4mPJNzywTb4YqMupLjyx17I61Y5WlGUW86WaFYCJkkG_9VEQBubFo0LF_rYNd8eioxhZmaYe3dk8OCqW07nEQfBzYNWoYwp_jK9TqiQ9oTkLWx9oX20RrQ3gdPqEtTZkt-iapK4ALuCpP9x1Cv5_ivMyXVN5DyOWYxnsq2zNKYhUHO4LM5fDtJVIdg-jkjeX71NRpeKoxUcXAKqTpF6XoUvdK9vcZYtrRSNyQ8jNL9VB5T8WefoY7FMX9lQJQLq_kWMwt469goNA

Requested by

Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 17F9 111 KB
39 KB 440ms
37ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
Origin: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 21:04:12 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/ Frame 17F9 11 KB
4 KB 33ms
32ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1380004/69892548/xbbe/creative/adj?p=APEucNUiTopLG-VrMKP5MiYTBmRgoezRuKpIyD_qe30AXcc71uH839s&d=CokBAKAmf-A_aw9MJVyo-ZSxThmS_bQWGjOt65P2Q_bhU9Gjvtf-a_wh5EX6REUHkEayUFfLm0FfqbXhbopcARSbCcFkopQ0RX0ztZYi5rGn5c9V1MJGZ2BM_nZZ8Q2KlzYZ5jTfFATgmKnjOK3pDcNCInzW15vQmwodf7mv7kp4vLU0rJkS9VI3oJ4S2RcAoCZ_4MNeQDjZd2lbkrD9I28fO1hHoaoGIXnOlcOAaCDFQevy59i42yoRYaNYJ0iXf-h2l2IYPhI9S_Ao0-mN8ylhmIjARAmvAvxHOlhtONi3y54KDyMYL-zCkxcWr7RQ4i8X_kbZ-t4zgBKYv-yqu_0CQZ6CIXPvvXU_w3g_3wNcAMoGGNjjakhQLgZqnwI-sFcg7QKwdd6mqMpuOHfm1RtbBAx5lO9dWx0IRNa8tv1O3jMEtG4Rl7ccJq3Kozid1JnJBLHKsg8Kg3PXdF1qSl64H1-4oN5NGfzkagkqZxK7T0waOsKR5So7US-ti2qLwCz4W6zgPfyDM4rS9EGDtZZR7fnsML9HXWNNqo8eXj-wdJIeJ1TAlrD0Lcj2Ng-PZfEpAYki96HfAcYscvswxAiXGBnBlKfZcrDP1K_sA8eMDho-qjx4C5rMxo03CTbJF-o5RX5M_389l4BjMR257cPsW2IdpxAEeW_VoNV0nX-PQH04iXQ_N0NR83U8c5aL9igTOQWZFEfLpPB42SGxtFr9aRBsd6-ikWUBk1pcCxxoUEL0hdtifw2URpcKPfYjbVU55_UiCprYlzQdit8pJdcCW-Cqp8KRM8kCOcpGHFU__-fxl2Gp8Q2S6UXBMlH81ItarfqkcBnQYkv0zcFFVYgXpZuEYKr_h-eYIUBQVcGWnStqLp5lChcJAjuRU2N42Tssgu3-832pyJoQVuTLC8BU8qX36zUCRR6WwexIPjtC8Cb_703tD8-qS4ohTjGouYm8vG4oDxqIVLx_QjBOnvMTtlG8F31iRTb57KE6aGLJmluFQpCxpcoRfENNQqU8VBYrsFTjL5ZQn5qdZXc1xg230_yUmMFPhOpZdbSxEECqdsEDXyk7nOXilxhIKQu-CXuFSOsClnbceVESLTQnWeXATouG0uOrlgXDC7elgH-z0ZOKfE0XN4ygOr9TtI-Fn11v3vwGxgw4NvzsaW6uYsqduJJKWbD8f7V0leKC2UNiF9Nho5KgX6p7bgvWh9_qQPzS2xtlx5WMnHHQFqe6PypaQu55w3e3AQWVTcM5Xjzd-hrm900VnykMyRmT069MgkycYF5x6SigEIQRlWryjt5-D5qSKTlTN0iMB8r8oyCaVo-Vfx0eCCMdvGyWVty_YTknTe9R_p-3GF195WsOT1B9Xt27rP3Yr94TZstuE9vD5p5-xLJSUSb5uG96ZpD4KWO7InKS0ripufaeDqs-Nxpw4AT7ymHPlPYSedwonUyTKAaXBC-3dyl10OBFec73ppgfq5-BJfVSaahmmXSzsLzSOQ5h8duesCayYhnP81OoSROAfYiYUBQbhwYzfws_6cFkoECl1bh2WYRBX3wRdsxWcQnNdPoHUWB_vdsK8M6rg2R-QnzbXHzyaPxyFmZ4rclsI4BE8Z5DyRYg809cFzuGp8PG-oW1Fc0htt5-gc5-TX32TWntYzlIrwjKviggHIYlEICys6-GKgk-E60YXBEy3A3Bz-TzABWU1FaLibcNZKJ9DSqgGo5qnIVpAGXvtuguUZxO0cBiEHTp4jPsTpJyXwGWGHt8b2gD35QFDlQ_sW2fBRaiZ6CgBa8BKUKL2UrPW4ByExb7smwsuHTEcxHg_D6CO18T77rQHGAGNGC9wtN7Dqv4yOwLPFqXexV3FrrRST6MQyiP6kh01lFwKvLqe8DCrWlfi12pMoxGdTX9fdUCzAlPnWXV2hVLAnalhCk0CzihxcE5kibcWNkNDxgTFZDvh3E90513BIeCd5jLqXZICU6WEA6VqqWlk63fU0YtrraYwlJn8WH46IGCP4UneVwwtu4JD85WNp8PbtJFhE8yKQgm99OpmP3mckLcm56hRXX4bAl2JdpG7NQEMKyWoCy51n4VSuE2JeFgqA0vjLIZNjQWM6gwQYN7mT3BEG2vWoRUur8qVq9kfVlU6p5FgyN1-at-nDPvmqUAEpuWJgQUSQdFFBspsstSp7HyIY_Q5T5Y2-bEu0sAJ7hYC8Jz6b1GTQhW2M2Rg4DpyDTYpjYAWwYtuRXkzqeF0Vt8jHHLs-fbaoyvQ9NjCvG03TJXI37QVWn3wrVM5UHdnUJMHRNUapzgw1iThvdAJCKSnW2E4JVvdcIn2oYpuaFDOFI0-PgOX39rHmIb0rV5HdcR018ecIlhJ39-4-QnYtvI_fbracFiHjQvQIl6YaViQgxo-vqgvKv87R6vQ3OEGOMGz3EUudlU7vMuLP5e39o7q5CdcVxsbymJduNI0_EbAiYU1LHMipuhf2inqJc3K5VO1drsWVMh-CAZ3PG1-RKJc2vqEayKK7Ys8JLpwnmV-aXvEnNJTq29yyTh9_8BZn3mjLAfqXWTiQ-U1dLhFCl0KJKkOTj4RH-rkhDhIDmcV5ezCGhHsq9ZUhHFviM85vtWlWGoZ00lkwyUYGlyZLlEkkeASSoW7Dhj8dIDF98lKlP-XszgKUfDn0BWiJ2yAWsoiWXB_SkduIpuk6H_LqTy_yoAVDoTapmlJ9sFDMPHL7CevtiUvrCfIQpFMgdWjBAsoCb8Vv18mgcZYAEK-kkLCrnaoDnI2pXN84QeP0EEirzdNiajbjSFacwzz1pJv4uhbw_NKq7_lgX7QF3BolGn9bKXLIQKrLy4f3lvLH_aFayalxCZhxINQHKrCxvb8aj1kerNuntZoOH8dWuuyigRxC_ebAek9is8v8i-aQ5go7elxdAVXfGXmRnmMbrZvTzRVNOWk0etH0SYB7EaHy1KSTYOLU6wADUEK4T7oASYRiOg1s49sutM3Oyh-EW31lMQ7Cv12kmLPCNK1byuRTJ_URXD0Tdcz-qOdMJOPOErMFzS_hKnccHw9sKC5lvNa5kFptmaoYykov0apSczpwmw9hyIszXNfMYobF--0cy8PaMXuptD6sOzZmZAU-neTVWuekGXDkIZ9W-FPpZOJPVA37lrFIhepKJJb1LPgcwOaKdQonZftJDzy3dl5g8l8Zsqs9zp4PtYObUaybzMqsr3_0r11ziGEKh86eONDgWNdKTht8jXaiKw3d6-uCEw0dTgcpIiyKTNahRMdZFS3_B1cthwE_JpTjieb1DApxw-yYscl3hSWkZjasZJXxPuErUCfMIFRloOLk25G0egM26dDRJwN3hLbO4YYdztzXmfC1K5pJwEqvXWUzZrQ7cb59l5OVqr0lVTojF7yon-auwjOMuXlDKhVWI74mIW4cyiaTPb4ubTREReVUkICgG55onYe2HRzN5dUXzrS-3aZ-Qdfh4MOYo-F0jSzIXxRztthD5Y71nrvEOy26SlkTRLWOjs0SF5qH6E7jo48pvAPaZVsN21EAXghAgER7DnW15PGcngjR7x3OzEXsbsrXClzDjObjCKgsBASGOyyF7-mVnESXmuMlKUaI-IllrFwn2G8tB5cmJVbEbmGTozEe0oXdg2H3hzyDkCAc4O5wri4px6gTFrLgClSzovYCETDnowulyrqsvztGTHZ1PCJJHQhwG2H94x485UImWoO5eiobEN9XC-m_bv2e3l9DLbly8CazOFTJOFx28-CNL4cuzNieOLfdwbbYAHiEX2xBLla9sOVPKg9ZO2JgQyDr2dg-KgSYOILu_ZepPt0V10ZAEK-euB5ggvyY6GI3FQUwxHp_bNmqcs6A9R7v_pOCGlP2K94vFXdbI4PW781HZnmGOZJcK30NqvaQTut9sggLst6XVVArthxkG7FPngLsnzOEfOpSG0IwkXf2SdDgJSV6vdjGZgp010cnfbIwEUnVg0mAdV3Pi21mcS50385vp8lMHGZAlkdSzu2JRoxXgXRaF3JxMMjAGVJUaNeSmTEmPHp6Xjm9VF0I0n1D2B2EloXwOTaa-x0qJAggvvxzaHlBP4gBreYwAFjRDge9Vj1kHJn9Am_MYE7bERvnP_GrVivBsLlG8tzjZ3WU0888kVzw2ORuc8KtVAZZV9SAI_9OKZahR8tzt-X97qNgdG2Y8U9BdqPTAodnEcgOkzPRal1rJDNZLNaYllCUgpiH6GTZ-SM9H7-sbbS2JiS-gaUQgEEksAyAmmjSWxc7vQsXuwDDUOnlcVuLxV7rT_msKdiSIwgcywASy45NoUuF4zV9gyMWHVDCd-iLKYHMbgLSGHLIhKY_HfgHqZ4GliMFAYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1010763377&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19758437279&bidurl=https://www.file-upload.in/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jW7nSZpzE-2Wr1hAzfcJlY&adsafe_url=https%3A%2F%2Fwww.file-upload.in&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.file-upload.in%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7806fc09-3a36-65c5-5bb6-088ea9aee039,c:psHYjV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-w6lgk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tR6jkMq+11%7C12%7C13%7C14*.1380004-69892548%7C141%7C151%7C16%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:26,oid:81d3063d-5d88-11ee-8ab9-1e823bddd2ff,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:58:53 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/ Frame 17F9 30 KB
11 KB 41ms
40ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230925/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 13:58:53 GMT

GET
DATA 200
OK truncated
/ Frame 17F9 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07fce0a882b19260cdf7410296f078bc8500e567de30f7d2fc6fba4e3171e84d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 203ms
73ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Sep 2023 22:52:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4CCC 42 B
108 B 69ms
69ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8kFMPkbpWO7Bx6I-bT3Q4kOlHCSNW_wDSS6QCG-DE9XxFJEMVlzYgxljBwLOGgFVreAF2aAVx1jWD3DdCRF36I3z-BZ5iPO5EVRyctbENfmgD8rC_GGAwiuQtrlWYYuv0Zx15yNTavCVvDG1oLl_i5RNK789O6Mwdyi8R-ac9TERXvOKKFUJQEnix1vMDMGE14J0Mwl_-zpdCRFPAE07qS0Wjz3pAWNUfyKStXuD09LolqrfQn_n1uiHn_jBHWz0IoF_cxM21Yk9v1QDMmKvUxJFug-vZHPJiv81-ZvYnKFT68o23nI5eiWrF4ApFagKzOkxvKR10CtEyCWktWqlOknOn1-_UxX7ffDQfThc-yd7H5gh2xr6NRbwvyviIJyYF454Ht88Z_Qg9WA-iGzjGBwGoDIKEg7hJlYLM4YfYvywWMNmf68BMi45UL7eChbpfolLWlW-KDlBzu4lzCFSVPdFwYagxwYDTTmnvWP20o-NE5B0PADSAfKNvifUa_a3o1If-XKV9b-4xcmr4U-4q7hAMLoUuqeesSmJ3RlVmaOaFTg1HkiG9PJosPPaBbHUB_X9vBIFyJL2IrO2zHxJRRmWXX1hoIoucQx99FUpTGzV7M2pFCRfWDXoTFBMlznrQnDP3gaHO6Be2NrzUov37ApqxD9myxollqQhHKWK05oPTqpHRZ_Fjrns9Tw9Qe41p5v4fmO2u1uDEugk2ppZUQbWDMcmAzDbdlkNm8T_V-t3akUrWbZtA7VuOpwJCq6nZ0BvP5Y-gVatazIE9PIQ6ZF3EiRG30bnjcw0BLx_duMHKD5XE8dewHrEW8cRt-pF4x4INMPPpJbP7v5pSR9fYL4A0TNY4kUryw386DK5TGYvtE15iafJYo312fHYBtCiKs5-7B166h-l5HCfK2Zf4wIdd42tGci5NegmsIaWRJWSroOklo5elraqKGlE97JALbXmaAEkZe64-959VYwsAOOzaiuE0JzGfxj6R_jJVyzJvGh8JmseF_jOvBvsjG_WugrfSuIVtbjZ2xBFtjDiZmYi1rT2gkXzLXCMGo5jnboC-gqYGvGkfODYnC-DgZUx5w3VCSvFItb0GQkC8jUcECoXmH7HDKbMztgAUHpKBYbJaVYRJ52kjfpGGbbkB6fe5qOTB_OuJD0FbXZX2i7nrW-ymBXv3fp6CNm2zDikeSrnYE2jZNZpDC5zkWz4pGSFDiCu0n1fub17-N4eCE8wmxeyN2Q5SAkwkuknA5yJ2rBiBhdw1Ffh4jTB-J2WbHpz-kS0B8IrPpe03jLM1mVIcpajIN3LhrWYeluOuCxM0liEXbZ2815Tb-KdxIsJudCR6v1bh3XyGxA_X06hEXNbMa8K5fh17oKW_h1Bwdn4T-vSIASViUiN4fyw88KR1n4zq_PT_rhNQyxQU5tSevOZm1eUk4rQhN0BMI_vYvrG9EZkM6jhB_1zSXVeCnWQG1G32yhJx4k4_TWix6kSErRA04cCtIoNqB-9wXfOCP1PuugQupc2dcpu8DyEmd7IA_eU7QsPPybZGp3Pde94KGCs_TeBrA1EW8n4Bu0JBKhNPQwMLeecscmKBOK_rZqZya_aX0KXDQ7yAIb96V6ejtlVoc2UO4vSYQjtW0Svcz_sBFrJ7upfNUneF7DQMA-5Mufpw5Y_4XQ_99hBQCkjcNbY&sai=AMfl-YSlWrjzlGcJA9HIGY8MvaLJ54LPGhwKtejFyFMsL_8p8SIQclMrymE6ZnunBN4aKSSDgMrkFmEaTlDyCbzHSJUDAh5HsNCwj4zAZ9pOv3Z_N7ijeXiAO_Oh7jJGcx0BxcH9pf9VDkWweml7AMIPzuHUm2XNKqoomy8&sig=Cg0ArKJSzFKogVYnR7CgEAE&cid=CAQSTADICaaNoSYJsqhkriQBmcC4S2794UWgbkWd2vDKS9OWj6z46aubtlO0R5p7m6nTTgpqhCkwYwqQutrQdUS5R2ppzWHjgzKIAQqe1iMYAQ&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1027&mtos=0,0,1027,1027,1027&tos=0,0,1027,0,0&tfs=1153&tls=2180&g=100&h=100&tt=2180&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 100D 42 B
108 B 68ms
68ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF0etqRnJEM1emyfDO1ejTMfAnAsBvFs-ekeETJAdRKg6MzpXpFUZjbNf0A5ACs6VfmcYx__gVSzBwfHcS-jMAxN3cg1NwZH8L1bMozOguk9XscDIu6rkadbtpQitJ73fDyjrOVd402TQ9SMBUK2gKV9gAhN_TXRM1erBpMuUw3ohxINUUaIHjuc37vMomIQjMOXYZJ7ypX6GyQsGt2veF8dZTaqoUc0DDvndr52kah0ywmVFt3I3Ubc4u8PaFtVEDG96BiSFUt1kpFrH_iPczhxgObFINBGyrseC6vj2--xkZ_z8v1JTzCwMWvdy2JFsZGPdR5R39uLWjaG9yGV_JLW52GqPPmOwFbqPJimfNQYfagD4lPfetebdxs6zdbFJUpxPYhAmHOSRqzoW8-OAAT8CQTwtoln2TXd1O3aced-S_QuH3J-qfHXNGxLyWhO3PzohtOBUDwf6Hk73I-PUVecDjagdDYA3tVIUGQ5ALZ3cToqPg6AI_Uv4Cl2sh1J-ZzbeeLrA342k15EwmUfvwiuC_knQXqUWec7SVv50tGmuaF5gP9TRk6AkuVLo8lD8pdxffzgk8FkcR1x9v6wdG4pnLeUQW6d5nOclsVRsWwcxdl5qKJKUpFS9qkvTVDnLza8764C0_zhU5IMfarAcH5NDvtd3FO-LVNUQqzgOiD6FqMrfg_3wP38VuY0rp_Xe2vz9ryJEA7tdiZw1TrS5erg8aKExjGH_9aLAgwDCcoyIeh6SyNzQMEPFNyAyZ0uUbb7gf0SbghSZJ0Sr59wrAfiSPLJgE2SqaHLXo6PlRbbfXwd0d7oUF9A_mF_Weu9DvWtn5zG23mW4V7NwlHe6xDutwbKG7OFC4NdvyAuuX7S3WOS5YNQH75c25_qsA5kNsjz3NP7k7rfq2LGqg2uTlIPBcsg7gyWNX8JTmIcO8AJam1J5n-ggGglzJkeU9fay5n0YQ1gPkjGqNqTyY11DUNOV6cyDjDwCyS_Kit0ETH0g4E-AT4dRepRbtwAqYAWGIpgtd5ZKi--hE3JU3Hck3uVCvEr_V59KgPFcB9cGTYR3E15eZdqXV7WdyatmvCGMppdk7SZ-NNDWr7EAHAd8LOrWn1-dtZc0GrvS4vZRjjVjg-qq62WQyPaWpfGkB6lsvrvo2shDZex2hnls_FRZnb1qmiXEG2d2K9hb9F0B0HErlaaC6H6zxNeowtkeqO67DnexeJ76IW3WIPNIlU-kQiZRAoXuV9OMU0ghhNjMAIy-WbevJuidx0GuzrrwMr5kfatk30iaoyW657fHCJ2wAIdFtNBguoZEuT006iXhWXcbAJBO23Jsnw1T1Rmen0iULRkIpZ0K7UAzeu-zjwddJ24vc4xJIdDvhqn7aL4sga1721abXd5EpSIkiKrRMiaj_M-DB4Jd5H8xRyN4w8N04qKJGZjJ69MiAvw_qaW5wUzLVoKjMvH53NKHLKM2eXSjnptjSfckJvkvDFj04CsNLBVg8jlv-_PGPtsbaYGw0p_cdZHxtmbwdI8K5G-DfyuMw3Rtw9v-j4cOAbJnsnOAlZcBDfiLeOi13rcLDeHA_Kliyb-xbJj-0oiuJNa_D5cQVZeb-3UYNPWEH4cw7CzWA83rM60r6rgtA0csKAv9JTR_9ePIImd0YbA-gUAv7_uWyJwOjdRFvKEWtpkwm6SnsyZfFk2QVZGmf&sai=AMfl-YQwFItKVID9pbfpdxJ9qaf_7hA1BChKYwjwzNhbpUG6N0Psft5vG1YhUKIasdXlzgWSGB4uqkTdzmZo0aaZFuO9uYxk8MUE91w8w9GvkII6rbejl9FRe4Hwv9hqnMh9uvOw4bPs5k1CwtTXCLfT-6Uc38FSl9Rw3A&sig=Cg0ArKJSzIKdayBUugdEEAE&cid=CAQSSwDICaaNIWTFIsWe5L1z76smVJMEhGfCJ50qBetaiw0LOqwY3z-fFpBZOyeudCjWqHdwbmgqDBpiMW9sY8uyVaQ23c_h0S8xdj2tkRgB&id=ampim&o=288,615&d=1024,264&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=1150&tls=2152&g=100&h=100&tt=2152&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F515 42 B
108 B 82ms
82ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIrxcl5ZKRsimEhQ6vq6EYuYlFYX3lTtDnp2WzydxRcad2SrrZoUmlsUWG8tpu8uLrHH9X2OeWRAIVbmwFd9SwllR6TkdN91Ql74DxnAXdZX1hLqBBLCJHCzcpgvIkYmSAcaPPkPnpZA-brkg-fFU0ZFAsPk5ABZ8-kZQcki81L6LRT907OY6KmtwKBMUBaMPUjCQpYwyCAD1oL56UymW1iCB-Ew6NfmgdceweJRZQwIJvgh5PWf7GoVrqgYHodpuIodJoUcwconmq0Fu6ijDXftLNC5AaKY_FHwzAfqeOv9EPuCqIoGg_8PgvFMSJuU5hIgzTwXw18mOHmwfN4BKBuJBoULk8QhbyiBjLY9aLBcKOjKwwsBzU_bQ4uWED26mgRxZdZE8e5zN2ViAv-Hf6C2ceoyOM8qHu_kFQ7dI_Ws_zfQQF8Rt1P0l8RHXIQqAOrh7Q8sqVHH7RtGYVesi_u3PfNdJqsgROQc1RHcEEmXnRXO-QEj6GKlmF3TldiX6ZBR5X6lxLcnuoqwuEYx2u0_jDcUGGAXMnc_Xrf9b_hUpRgIne5Nri1LAFlABIQnFJWYDoJClZC0M21IVzHQ5zOT2s4xOSmKCWLgF_Io1UW-qzXtof3Rpxd1HFYfFkpuDOi-vnKajpIG2sFh8sCYaDeUgwoBKZnRR2Orbgq9sBTEVLDmdnJCREEatc_bFwaGTvTHzQer6_LGQzC11BAWOyyKtFPnGEMNIkwYbNrejH_JE5oVJWY3kxvGVq6Zc5r6c8GIK5s9XKDrCcAB1bjxvBh88c_rD_Ryv6PUmD9v7N3MM6-O366hpxI5tW4vNiXpdgAu7OtwPZZezIhsRXZw47JE_r8t8FPOQQwyGuT56zKwrLC27ccG2dLtrKavoAgQseW9CQ3PAqrjTyLKOLu6gFPXbxUhzhScmg5c4xcrAkoYK-aHZbPbZWmV4jB5bQNdC-jQCdheY7l8iuhkf4WP4icZMIMMNZo0m6-mZzP2ZLeaWks2ZEw9JDVyLhRZxORcNqJgYF_FCtGKyagn4bawE3xHeSCJeQaJWM5dGX5nnJa3Eva8MFmjK5qPl-xbyOLacphLiUu50U55Mm5woTNuorSc6QhqG0CUIbo2DHeg59V9pat-Fy4YNeepbLKMdqvwT8QvEZcirI0oOlBOOe6H4rJy_Qy12fTosVNJTQLsohLGuazfEubRDvh3Pe605I1ZdWWBIZx_oveVQqk1TTMW5VNGIunEEYpW1-fBQITvQx2zjd9-yQWhxhswfvjT1bES2z12bGuhamF3W0UAvXLjbYiIJ6Z5kShK2Ao5LqCzQA16cn0KDmtJXyfodWK7rxN-5oxesFlAyI5sMk04SdRS1qiPkPMnMVkO7y_2t7-Y2-nfG8PtFDStp9hTc2gCklyi2pV_OMUvzoFSSW2zhgJlrK_Azz-qA29DNY6qTcUtpkqUGOP7vEbH4jnTErl6HOU6OL2OSRhPnCYzyZt0LgJnFRFKJv70_Nr5JGvStRjF8ZQSC3bRY8l2vpPf3KoFbkjEMmdXX_pA3r2pkA00pxQyQtO9f6R8scQRv4UnCb9omna9XvaF0YUkMIB2IrGHQjlCgbdulgDNUqg2-Qw58wahCrWDd1d6tYT6v4gcszTQu-A97HYadPfAUlTrqsl2uVLfWJhivC80OTyc3o9sq7fC6LTix0ADHRtKtUd4cNIQ&sai=AMfl-YTUNaOxBVgICuDgJYyLA5PWxct7tKiih-borCXcsTbxqZ5mPedOJQBWjQnUd-dCNXULc2oN0T-qN2_kGmKQW7zbR_vlXWVEGs3Xf7IimvASfb4W4EwxJMLcO3lfz4OO1_CQZQKnP2gy1mtNIFb85d8QvYooLFAcew&sig=Cg0ArKJSzMWnQzzktbCoEAE&cid=CAQSSwDICaaNdgAZbrbjteyRDqDKrU__cX3x-tnRzz-D_7I4bU2fOr39WUZvZSisa-OFjQ1cFNeSsSu-W8oLJvTqDGxvXT5A7xQAHXBzWxgB&id=ampim&o=288,231&d=1024,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=1112&tls=2112&g=100&h=100&tt=2113&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.file-upload.in
URL: https://www.file-upload.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 17F9 43 B
215 B 429ms
192ms Image
image/gif 35.166.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1380004&asId=7806fc09-3a36-65c5-5bb6-088ea9aee039&tv=%7Bc:psHYst,time:555,type:e,im:%7Bpci:%7Btdr:507%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:555,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B546~0%5D,as:%5B546~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tR6jkMq+11%7C12%7C13%7C14*.1380004-69892548%7C141%7C151%7C16%7C17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:26,sis:426%7D&br=c
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.194.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-194-19.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:19 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 17F9 43 B
215 B 256ms
256ms Image
image/gif 35.166.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1380004&asId=7806fc09-3a36-65c5-5bb6-088ea9aee039&tv=%7Bc:psHYxV,pingTime:-10,time:893,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695855139055%7C%7C88a345e1daa8f2112db4c48c3da0e8ae%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C9e90ed030f07c5fd49231ad94740f138%7C%7Cf82eafde5b3317beaf5be280bf925aa5%7C%7Cd23a7ee9d581026730540734dc3186f1%7C%7Ca351eeb92133941d80469037590f16f5%7C%7Cdefc33117989d5b8ab09cbb51381fcec%7C%7C1663701684%7D
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.194.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-194-19.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:19 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/6760547312230464170/_export/ Frame 3722 84 KB
21 KB 793ms
60ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

e1493927469e5dacce9de93d6baba97dbdcc62f5c87709e2e6cd864fcafda040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 152952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20833
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 04:23:07 GMT
expires: Wed, 25 Sep 2024 04:23:07 GMT
last-modified: Thu, 02 Mar 2023 12:14:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 17F9 0
0 92ms
65ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRzgPcJR0av_GGD6olYN-LDWryUJke-nZ4ncOiEUwfx-aQEJiocXQxJlqF5GFLZelL-sf3d23w0CSmi9e0SlPEsjkS_66JjxWnGyIuUQYTRgZPOtCpebw0QZsYVSbwk6m0ZfGoasXciJdR3MfAEJOr5S-6AzHuxnVXlv6Wlmjz2Q&sai=AMfl-YTRf8_mgyRy3aVNPp6ITXzd7Xa4dWvXTK-gX42UM5pIgbaSKxmB1RLGHLIoof284iQdUG-tlaVzNCUIRsc5MifauEc2rXntKJC9cNyuE7U4b-BK09w5_81TPwBKKg&sig=Cg0ArKJSzG1TdvMFzWQGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=490&cbvp=1&cstd=486&cisv=r20230925.04209&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93663
stags.bluekai.com/site/ Frame 17F9 62 B
566 B 297ms
169ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/93663?phint=event%3Dimp&phint=aid%3D8053256&phint=pid%3D361086632&phint=cid%3D29542452&phint=crid%3D187721194
Requested by: Host: 264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
URL: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 27 Sep 2023 22:52:19 GMT
content-length: 62
bk-server: ad02
content-type: image/gif

GET
H2 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3722 29 KB
10 KB 99ms
99ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 06:22:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 17F9 0
0 104ms
103ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRzgPcJR0av_GGD6olYN-LDWryUJke-nZ4ncOiEUwfx-aQEJiocXQxJlqF5GFLZelL-sf3d23w0CSmi9e0SlPEsjkS_66JjxWnGyIuUQYTRgZPOtCpebw0QZsYVSbwk6m0ZfGoasXciJdR3MfAEJOr5S-6AzHuxnVXlv6Wlmjz2Q&sai=AMfl-YTRf8_mgyRy3aVNPp6ITXzd7Xa4dWvXTK-gX42UM5pIgbaSKxmB1RLGHLIoof284iQdUG-tlaVzNCUIRsc5MifauEc2rXntKJC9cNyuE7U4b-BK09w5_81TPwBKKg&sig=Cg0ArKJSzG1TdvMFzWQGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1403&vt=11&dtpt=913&dett=3&cstd=486&cisv=r20230925.04209&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/rjgdqhjt7oy7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 1230ms
462ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

437d65e0b7d9186367e4e9a1e589012447720dcdd78ed6c365268175ebca9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12069
x-xss-protection: 0

GET
H2 200 CTA.png
s0.2mdn.net/sadbundle/6760547312230464170/_export/ Frame 3722 2 KB
2 KB 34ms
33ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6760547312230464170/_export/CTA.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

5300eadc71e4b33a3e9ff254c3128a8715c2474a5dec3e72dfc883c0eab54ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 11:10:49 GMT
x-content-type-options: nosniff
age: 214891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1818
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 12:14:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Sep 2024 11:10:49 GMT

GET
H2 200 Text.png
s0.2mdn.net/sadbundle/6760547312230464170/_export/ Frame 3722 12 KB
12 KB 76ms
75ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6760547312230464170/_export/Text.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

5abc983928582f6b43250c97218648d288f8f0a2a8aab646c7b9f490b97bd5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 04:23:08 GMT
x-content-type-options: nosniff
age: 152952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11786
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 12:14:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 04:23:08 GMT

GET
H2 200 BG.png
s0.2mdn.net/sadbundle/6760547312230464170/_export/ Frame 3722 78 KB
78 KB 108ms
107ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6760547312230464170/_export/BG.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

3756abf9dca03f53501c304c2b9d802d224266407a0369e99a897e0e4fee213e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6760547312230464170/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 11:37:08 GMT
x-content-type-options: nosniff
age: 299712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79662
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 12:14:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 Sep 2024 11:37:08 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17F9 42 B
174 B 1152ms
467ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsti2vUFsj5ADLf2pT8t515txxoVqnM2kVSvmkRYUdDsndNmxHt5BJ8f2QribSrSNGBj8I6_TR2toaFcIc-gBOMEuZT3YoBQ5C7WVCvHjFaXWrlXhosKgK4yNwVLQsCPoEwaGYEZclyHFQ&sai=AMfl-YRTjb8ErlrbKd6C9z3fsz7jMfxQsS-Zgs4QkCSGfQm-NfM-7Bn0qUAc1SNab1V1VQi0jRjpwnoIkJllu27wyay_iNs1XRMROXtGzaZU-15b4ExBxgEh_YbQBZ-R277YXiALaoEg0HObBcvy&sig=Cg0ArKJSzFGoWafwjCwrEAE&cid=CAQSSwDICaaNJbFzu9Cxe7AMNQ6eVxW4vFXutP-awp2JIjCBzLABLLjk2hS4XjNX2DIxYdUMJ36IspgcxuAtIYcsiEpj8d-AepngaWIwUBgB&id=lidar2&mcvt=1000&p=1078,909,1118,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=598638533&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695855136535&rpt=2105&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17F9 0
56 B 301ms
301ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5704674008803&version=m202309120101&ct=76&x=1&cor=17790655462619904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 22:52:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js?cb=31078130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 22:52:21 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFD9 13 KB
5 KB 51ms
49ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 24060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 16:11:21 GMT
expires: Thu, 26 Sep 2024 16:11:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF3A 829 B
998 B 37ms
36ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

GSE /

Resource Hash

0f11cd0fb0dd51f90ed50f07fb1c9ed6982898b2962894a6c66491afead3fecf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FfAhtb4O_P2IKXklcjEMAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.file-upload.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FfAhtb4O_P2IKXklcjEMAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 22:52:21 GMT
expires: Wed, 27 Sep 2023 22:52:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF3A 0
0 73ms
73ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309210101&jk=4108177984119804&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame FFD9 37 KB
15 KB 47ms
46ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 13:58:53 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame FFD9 0
41 B 26ms
26ms Image
text/plain 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mtBapQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 22:52:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Thu Sep 28 2023 00:53:13 GMT+0200 (Central European Summer Time), path=/
live.demand.supply/	1970-01-21 00:40:15	Name: demandSupplyTi Value: 8d6c1e50-e51c-41eb-bdf6-8ed7d3002c54
.demand.supply/	1970-01-20 15:04:16	Name: __cf_bm Value: Tsjac8TX6ZPZDdzWaFShsgpbpHPW.W04pYUNALW2bOM-1695855134-0-AS0Ov87sLh05guXGfWi+3lr4ObaJhNn4Zb50SsXE4gX0HkvLQHK5MyjCgjGMCEP35HFsXvo69UCPrhKQXL8mKn0=
.file-upload.in/	1970-01-21 00:40:15	Name: _ga_3T7TKCZCC9 Value: GS1.1.1695855135.1.0.1695855135.0.0.0
.file-upload.in/	1970-01-21 00:40:15	Name: _ga Value: GA1.2.1222344937.1695855136
.file-upload.in/	1970-01-20 15:05:41	Name: _gid Value: GA1.2.1883015737.1695855136
.file-upload.in/	1970-01-20 15:04:15	Name: _gat_gtag_UA_119779859_1 Value: 1
.file-upload.in/	1970-01-20 15:04:15	Name: lotame_domain_check Value: file-upload.in
.doubleclick.net/	1970-01-21 00:40:15	Name: IDE Value: AHWqTUloKihwIfaD9i_wBP1E7ostVrP5pH8z4AeOAA8pzX0V_V1PVbpB_jLM8hsyMzI
.file-upload.in/	1970-01-21 00:25:51	Name: __gads Value: ID=3319c6334f9fdf40:T=1695855136:RT=1695855136:S=ALNI_MZ6Lew3pffV5eAM4cQUqCTpceiArQ
.file-upload.in/	1970-01-21 00:25:51	Name: __gpi Value: UID=00000c87e2f279b8:T=1695855136:RT=1695855136:S=ALNI_MYCOKoJnyp8MUTRR1Cq8EDSnIJsKQ
.crwdcntrl.net/	1970-01-20 21:33:00	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 21:33:00	Name: _cc_id Value: e7d924b24fc94554ed3fa110384ea304
.file-upload.in/	1970-01-20 21:33:03	Name: _cc_id Value: e7d924b24fc94554ed3fa110384ea304
.file-upload.in/	1970-01-20 15:05:41	Name: panoramaId_expiry Value: 1695941536574
.criteo.com/	1970-01-21 00:25:51	Name: uid Value: 3e75381c-ef8a-454c-b2df-57c41166feb4
.file-upload.in/	1970-01-21 00:25:51	Name: cto_bundle Value: J4-z219FTHREbkZQZTZ3T0lReXlKdEVWZklTaGFhQ2EzeDNiZjJMZzdta1A0UU5GZkElMkJ1elAyZHdjU01iT3dMR0d6UWl0aGJUTnpQT1V1JTJGWTRwd0YzcFowZW03WGlaWHFKTlNmWGg5ZHg1WUhPOCUyQjJuMFh5Slc0RGJLVG1POERCTnl3M3BqYzlkZVQ1dnloRTBRd1Qwa2lyYWclM0QlM0Q
.casalemedia.com/	1970-01-20 23:49:51	Name: CMID Value: ZRSyIncneGg1-GKRYCVOLgAA
.casalemedia.com/	1970-01-20 17:13:51	Name: CMPS Value: 2132
.casalemedia.com/	1970-01-20 17:13:51	Name: CMPRO Value: 2132
.doubleclick.net/	1970-01-20 15:04:18	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:13:51	Name: ar_debug Value: 1
.bluekai.com/	1970-01-20 19:23:27	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 19:23:27	Name: bkpa Value: KJy206WvQY9xxBcENaS5zDj5HJLrWiD6i6Hvm72i6F/dIm3VWkP9jopp/Sk1XRZoenM/Zz5wP+kgK66/hBN01tuM4PtCb2RD9kZy2mwPNcM7yJCQU0Yl/A9=
.bluekai.com/	1970-01-20 19:23:27	Name: bku Value: lt6O9Ym0asPqHQX3

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.file-upload.in/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.file-upload.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

264802dbab483b095fa574439d86bf3a.safeframe.googlesyndication.com
ajax.googleapis.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
images.dmca.com
invstatic101.creativecdn.com
live.demand.supply
mts0.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.file-upload.com
www.file-upload.in
www.file-upload.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
certify-js.alexametrics.com
www.file-upload.org
104.16.133.22
104.16.85.20
104.18.26.193
104.21.51.85
108.177.15.157
13.225.78.121
141.95.98.65
142.250.185.104
142.250.185.130
142.250.185.134
142.250.185.163
142.250.185.202
142.250.185.226
142.250.186.161
142.250.186.34
142.250.186.35
142.250.186.72
142.250.74.194
157.240.251.9
169.150.247.39
172.217.16.196
172.217.18.10
172.217.18.14
172.217.23.98
172.67.38.106
178.250.7.13
178.250.7.2
18.66.127.127
188.114.96.3
188.114.97.3
2.23.197.190
216.239.34.36
216.58.206.33
216.58.206.46
34.96.70.87
35.166.194.19
54.76.72.139
54.77.82.203
65.9.66.68
0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03582a6df025a7e7d3bba224becc0833131216206f50b9f6d9cce0f6dd775f5d
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
076f49c5c4285d33d4367cd4e943aafd74cb2a8faba78eebcdec26c95322bb5d
07fce0a882b19260cdf7410296f078bc8500e567de30f7d2fc6fba4e3171e84d
09035a19835d1af2033f0b7e4ef852c4a588f2fc2d66b66edf9cf60105938cef
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be981521e808229828fd10dd3a8eef3e3d94dea380f9cfbf6d07334dccdfe5e
0da03f3d8712ab3617c63802b18f25906fdf2ff72849eb774153714514347e0f
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f11cd0fb0dd51f90ed50f07fb1c9ed6982898b2962894a6c66491afead3fecf
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1075a4cb5925a5362bc75ee3d0c3076529d2c487af387f69d24063d6d1cd4386
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13bcaed5b90d32eed7139ac90fefff84ab736d4035ae9a845a3bf043b42b045c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
19b68ea8aaa2603358d262a1c417465686716857cc5f8d6800c902b31d7e80fc
248e2bccf0cffd34d8695da18aa4981ceb6d896074ad398635df84fa18e2e427
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2cd3f05decb1d9c26bd68a2cd2d13b1584eebbb92f78c15adbc894d02c6d4307
30ea956b12ae502e529c24365e9422d2428b75595511de013abc64d79eb510e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3756abf9dca03f53501c304c2b9d802d224266407a0369e99a897e0e4fee213e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3f554639522d67bc3be8d886512ac0b5b46608c45e7ed34795a4af2378942861
437d65e0b7d9186367e4e9a1e589012447720dcdd78ed6c365268175ebca9280
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4cdf22d79129282f0017ae09079ce3d6f19a53a7e88f4bb264b755e5de37f6f3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5300eadc71e4b33a3e9ff254c3128a8715c2474a5dec3e72dfc883c0eab54ed9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561816271d18d5622930ec9552ff956c8613948d2ccf47872322dfd8dc825c1f
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a4c0724686b69371e770feac7509aa929a9873136e4f8c8042fb774570d447e
5a4d307fe75c54e535a5edcfd0a2d36758cd634b46b6f13cabf0ec0703e18b96
5abc983928582f6b43250c97218648d288f8f0a2a8aab646c7b9f490b97bd5c0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66227c832281a82a239eddbd5a5edfbaa80bb0502fed88cc9c15e28546bd0a78
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74b11b359d9819e440da4e204e0449ddfa77831084e1979ed9ddf4f87b441e0f
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7c65dc284d235dab1b5b4a5f8290d2611c2aefc201c966504cc043e91e22194c
7ee3913ae468128114dde43ed235d0ada52104df9670a8e2e92ecde5995ad108
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff596e28b0ec6c2719f3c39633b967ca20d661f2c75959f903f39d0b7b63d6f
800e083bc13f36849a6eaf79edd2102d08f62a635d29e0acca022bbf1d97e117
810f499c3bf20b6a1da6846970c265b477f2a079179da96387a5fd6303aeae44
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88a864d4e17be5b74694a3f2e7309cca57670db18a9e4f7b1cb7b948807b9167
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
934e35d4758a5a103783d0574dd85b36a02c58e5010648e535f52580f4997a00
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
aeff6b59707db5ecf56a1bcc8073c800da4778774e5f9a3bb81a3e75dceaebe8
af2c49b9c1446b4bef9de10f4d1032a22b2080b0c96d62a5044cd59e30404a7e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234
b9a42cb27417d2b87b8d5983655566731a38089d5e30735e9e931008ea59c634
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0be9b2791485bf94bcab34ffe07480167cbb0d941a57dd40eaa328f60849066
c277fb6c2467fddd89d0a5c8b8d5f08aea5cafef6c7e62df0d92142cc5d166ea
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca34cacc5c35eb51c708e9b8836b18ce066af1c0a68c3f6c2de93a2886957689
cc534450e8fceb2562aa45eeeb10aaa96ead2e1163692d47057caa60a223fb27
ce82560732bc4f76f1d204b5ec5cb77198d2083931a4b6f163ded570ddce779b
ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1
db5f2f0c8ffb7c264b6a0cb85b01c6779ab4fba795cd8a0d10285b145c946338
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
de2f42f7788041968ac0aeaf63dba36d5ef022bf9a9314ea195abd0d0eec8505
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e1493927469e5dacce9de93d6baba97dbdcc62f5c87709e2e6cd864fcafda040
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ba11b150dbd837d55dc1a48e8166542d30a8d241d81e61814f612367fdee4a
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7
ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b5d028c07a8858c6761f3e74296310738dcb0ce8d8abff3a1cbea2d41deb35
f5377180e65619efdc1da7547144ffad4b6ce58d9c4f5c9ac624b9186766acf1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
fef24e084eb94af90d76c5fd7cf16d1f9b3c6f469ddc2f182e1759fba0aad407

www.file-upload.in Open in urlscan Pro 104.21.51.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

95 %HTTPS

0 %IPv6

28 Domains

43 Subdomains

39 IPs

6 Countries

2686 kBTransfer

6926 kBSize

26 Cookies

32 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.file-upload.in Open in urlscan Pro
104.21.51.85 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

95 %
HTTPS

0 %
IPv6

28
Domains

43
Subdomains

39
IPs

6
Countries

2686 kB
Transfer

6926 kB
Size

26
Cookies

193 HTTP transactions
9 data transactions