urlscan.io logo urlscan.io
SecurityTrails logo

fakeupdate.net Open in urlscan Pro
2606:4700:3032::6815:361e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fakeupdate.net/
Effective URL: https://fakeupdate.net/
Submission: On October 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 20 domains to perform 104 HTTP transactions. The main IP is 2606:4700:3032::6815:361e, located in United States and belongs to CLOUDFLARENET, US. The main domain is fakeupdate.net. The Cisco Umbrella rank of the primary domain is 916938.
TLS certificate: Issued by GTS CA 1P5 on September 3rd 2023. Valid for: 3 months.
This is the only time fakeupdate.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 146.75.116.157 54113 (FASTLY)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.200 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.130 15169 (GOOGLE)
2 4 104.18.26.193 13335 (CLOUDFLAR...)
2 3 37.252.171.21 29990 (ASN-APPNEX)
1 2 54.76.47.0 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:217... 16509 (AMAZON-02)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
2 142.250.186.162 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
104 29
16    2606:4700:3032::6815:361e (United States)

ASN13335 (CLOUDFLARENET, US)
fakeupdate.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
18    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    54.76.47.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
5    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2600:9000:2175:8a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    2600:1f18:1aca:4282:1419:c476:4c3f:7442 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a02:26f0:3500:6::17d8:4da9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
323 KB
16 fakeupdate.net
fakeupdate.net — Cisco Umbrella Rank: 916938
91 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
static.doubleclick.net — Cisco Umbrella Rank: 304
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
57 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
101 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
3 MB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
146 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
196 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 237
32 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
16 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1858
63 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
59 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
4 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
605 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
81 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
30 KB
104 20
Domain Requested by
18 pagead2.googlesyndication.com fakeupdate.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
16 fakeupdate.net 1 redirects fakeupdate.net
9 dt.adsafeprotected.com googleads.g.doubleclick.net
8 www.youtube.com fakeupdate.net
www.youtube.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
fakeupdate.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
5 s0.2mdn.net fakeupdate.net
s0.2mdn.net
googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 jnn-pa.googleapis.com www.youtube.com
4 platform.twitter.com fakeupdate.net
platform.twitter.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net fakeupdate.net
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects fakeupdate.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 syndication.twitter.com platform.twitter.com
fakeupdate.net
2 fonts.gstatic.com www.youtube.com
2 www.google-analytics.com fakeupdate.net
www.google-analytics.com
1 code.createjs.com s0.2mdn.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 i.ytimg.com www.youtube.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.doubleclick.net www.youtube.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 www.facebook.com fakeupdate.net
1 cdnjs.cloudflare.com fakeupdate.net
104 29

This site contains no links.

Subject Issuer Validity Valid
fakeupdate.net
GTS CA 1P5		 2023-09-03 -
2023-12-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh

This page contains 14 frames:

Primary Page: https://fakeupdate.net/
Frame ID: F33EAEFBA64C2AB0B01F9C9355C84A00
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Frame ID: A1E07C4114D8DB68A4D32C0A7C8EA03B
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FWindows-Update-Prank-451908161580324%2F&width=98&layout=button&action=like&show_faces=false&share=true&height=65&appId
Frame ID: 64B0FBDBBB5C5A37D064CB2B0E4E872B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ffakeupdate.net
Frame ID: 2FB171A670771F4E7759891B200C1632
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 2B810729DD8E1C568A772FAE0779D000
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: C28AFEA404458B54184CA357C7D56CDD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Frame ID: C44BD17FB86CE0B146A6B9F7C1B393CB
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&adk=1812271804&adf=3025194257&lmt=1679895908&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffakeupdate.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729807&bpp=2&bdt=537&idt=528&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8817327994&nras=1&correlator=8173688830837&frm=20&pv=1&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=537
Frame ID: BEFC50747CA3C1626917F00BD106C753
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKjwr-kBMAE&v=APEucNXlnRQa7yA_XkL7BSV_aDzPR35XhJwJcavtFDN8Y5LBuUw9HT2mP3g8-cQOlDVPPxT1wjsbPPtez0RTrnJRcIC3ggaqzx2kcA8bBv7l2cgIriULkPO7yIH7hZvYAbOTPNdv7wzM0AWfdmfpvowTTAYdiXvujeJvb546-ZWj34CeTnY_KJU
Frame ID: DBEC89EB8F137C988BB4EC857AB56188
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB480FD76AEAD56895800529E08EC08D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 206A8BCE5432D061CF577D6357FF17AB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
Frame ID: 7BFD52C963E9396D1C67067BC13F1E19
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F628AB423537EA9588DA7FA513E2C2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 382032B178627C26B9F5579882485A71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FakeUpdate.net - Windows Update Prank by fediaFediaPRANK: Fake Windows Update Screens

Page URL History Show full URLs

  1. http://fakeupdate.net/ HTTP 301
    https://fakeupdate.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

94 %
HTTPS

75 %
IPv6

20
Domains

29
Subdomains

29
IPs

4
Countries

4041 kB
Transfer

6866 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fakeupdate.net/ HTTP 301
    https://fakeupdate.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 60
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
Request Chain 61
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSmnuqkmEYMUUQM3PuRqMAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOl1d1ZUa1m_cSjNbDlkAlU&google_cver=1
Request Chain 63
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MDE4MzQxOTAxMjgzMDIyMg%3D%3D
Request Chain 74
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249331/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-3193838836354850&ias_chanId=1&ias_placementId=20103170778&bidurl=https://fakeupdate.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hrbht8qVRnWOTUIhvsrAgL&adContainerId=brand_safety_uqcpZc7pNbWn9u8PoPeFuAQ&cbFunctionName=goog_wrapCb_uqcpZc7pNbWn9u8PoPeFuAQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Ffakeupdate.net&adsafe_type=y&adsafe_url=https%3A%2F%2Ffakeupdate.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3193838836354850%26output%3Dhtml%26h%3D90%26slotname%3D8817327994%26adk%3D1524072864%26adf%3D2990025865%26pi%3Dt.ma~as.8817327994%26w%3D728%26lmt%3D1679895908%26url%3Dhttps%253A%252F%252Ffakeupdate.net%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697228729547%26bpp%3D227%26bdt%3D277%26idt%3D558%26shv%3Dr20231011%26mjsv%3Dm202310110101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26correlator%3D8173688830837%26frm%3D20%26pv%3D2%26ga_vid%3D1955876280.1697228730%26ga_sid%3D1697228730%26ga_hid%3D1917345730%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D842%26ady%3D1080%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31077327%252C31078593%252C44798934%252C44805099%252C31078773%252C44803793%252C44804179%252C21065724%26oid%3D2%26pvsid%3D4012537199446712%26tmod%3D35649861%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfoE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DDt1pulH4aZ%26p%3Dhttps%253A%2F%2Ffakeupdate.net%26dtd%3D581&adsafe_type=d&adsafe_jsinfo=,id:5f5c51d2-d21e-e209-796e-3d04b4de527b,c:qXFqEl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-jmc8m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:10,mot:0,app:0,maw:0,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:135,oid:a7b04919-6a06-11ee-9464-7a37da5466a0,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uqcpZc7pNbWn9u8PoPeFuAQ&cbFunctionName=goog_wrapCb_uqcpZc7pNbWn9u8PoPeFuAQ&true_pb=

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fakeupdate.net/
Redirect Chain
  • http://fakeupdate.net/
  • https://fakeupdate.net/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7ffff44add144cd4d3d78ae3bb377921c9f6f10aebb9965e85cb16c43672bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
815a4fe52f6b3623-FRA
content-encoding
br
content-type
text/html
date
Fri, 13 Oct 2023 20:25:29 GMT
last-modified
Mon, 27 Mar 2023 07:45:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XogFrM7PeDIr7GMg64hq6omfMAFrk%2FcnobpukmaDB7ZS5MlYk726tzxRchxo1hyQE9MMImOsercM%2BuaArLGYZj1BZvlfjrNA6XZ%2B7RftPMli5inhALocRUb6qf1YTjv2QLWTeA%2FfFTy%2BLdzVlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
815a4fe4c89f18cb-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 13 Oct 2023 20:25:29 GMT
Expires
Fri, 13 Oct 2023 21:25:29 GMT
Location
https://fakeupdate.net/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgGW8WrIYCtNJ9OiDI%2BH%2FAnWF%2Ff%2BYCaU8wvYaclEAvw008YYkm7z8cQ28d2GTlWQuxzIeZfVJd3X7k%2FgcF%2FasmciyFvh0sjU7hZAO%2Bia6cg2LUAXwJ12LqgXvPknUfwfhoHbtnpZDZY%2FIQio4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
custom.js
fakeupdate.net/assets/js/ 		657 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fakeupdate.net/assets/js/custom.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95252e23463ed09d33676a3b1b51d9e89a6927b8eb3ab6ae9ca3960f81d8db90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
676
cf-polished
origSize=837
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 May 2016 09:15:37 GMT
server
cloudflare
etag
W/"345-532a199eb2040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKYWhYhHCPRkIFlDuRoO6Yl%2FcBlC2H3XaE%2BoDyPiwiS3Vdm8gvoH8RCsPBzxa0hWJJiv2nmrxA0hwmijpPYtc3vE7NbKcZXdo5xVzvKZSadtQBmIyHFf5q9vn3ZnsRyadWn59fR6DeSShkSNag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
815a4fe5f8893623-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5022628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29930
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-74ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFojurZ%2BvbWX0em3wO%2Bq9MAGs%2BjW79KcWp2qxBMhRn5qzFVbAsv5VHwd314eOQhAJhXjTI2n9ehcGtdnnf%2F6kQavEcBcG6KrDny%2FnJSN8n2ZbgRC6%2BhxCdwuhsrIaP2i7Iunw3wvuRMU6MIY7H9702dO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
815a4fe6281d1e60-FRA
expires
Wed, 02 Oct 2024 20:25:29 GMT
langConv.js
fakeupdate.net/assets/js/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fakeupdate.net/assets/js/langConv.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd88d7d9f9f6b6e8e82e2e76abf6fddf174511fc169e063b763dff64638815e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
676
cf-polished
origSize=51273
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 26 Oct 2021 13:30:29 GMT
server
cloudflare
etag
W/"c849-5cf417b1ee740-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUQViC%2FT9N8P7GjTm6aPiVmhZS%2BKOEmG1zhlC8yCp0YEF5RTGpXt1zWyhaKxpdHesSL%2F4RKXyzotKyARMlPPQRRiv6JUXrfrRRYgUklWgqFsFahB11D%2BazA%2BHiyw8QMp83qGzJEr5%2FZxdP1gcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
815a4fe5f88d3623-FRA
style.css
fakeupdate.net/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fakeupdate.net/assets/css/style.css
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40644628946332f66c49f12d4e48dd3c56777ef977d9f737c45a63b0f3ce5bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
676
cf-polished
origSize=2890
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Sep 2016 10:39:22 GMT
server
cloudflare
etag
W/"b4a-53da317370a80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5T3Ea2UUcHL8GSui9%2Fw4yo0mPPYAPMcv%2B6BMLpaAwy1i1lJRxcvLxlb4UE9XH1eUhRbQ0naWbfkriRvnPe3FtKDlMaOkNCEVcPNTEVPnSgibNKHI3m3QZkZXrmqShHjO32XlSjtKFRCqF%2F0uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
815a4fe5f88b3623-FRA
1.png
fakeupdate.net/assets/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/1.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0983d3b049412f41efa52320538de65a976f4ca5a16d3578856dab59836d13c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2857
etag
"3c31-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiytLY03Or8a%2BBZ8wrARGLJ74NFDvi%2F2av%2Bl1P8r5xu7BGd6G8rljllaXiucuyL2xWtHceDWfPHoe1BICNUcRmewCanafl59qoWM7VRfES0ya%2BT0rS4KbO2R93YweCDMUdfpfax3MNdBq52Aeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe5f88e3623-FRA
alt-svc
h3=":443"; ma=86400
content-length
15409
2.png
fakeupdate.net/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/2.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7beb0c53a82151bd6bba2fe3a370f76af882edc9e4998147e80a638964856030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2857
etag
"ca7-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ighsPvy12Mo3mS4Gvz99JOjyLQLTNRB4ZtyX906ST35bpxq%2B%2FH9Mv7RfgBX7blNNYK74HdJxUqCqeXM9OxKy%2Fjp%2FFoOpNkvL3E9lizhsvIDPv%2FADv7bWhhl3QY%2BKounNFVaZ5FH3q%2Ft6XcNRjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe5f8903623-FRA
alt-svc
h3=":443"; ma=86400
content-length
3239
3.png
fakeupdate.net/assets/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/3.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8308dcd44b0353aba5b383d4afcd9d927b168879ad1fb4b17ff34cb2d65f1271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"2abd-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FDEMx9QQleSaZBlZIYTvNo8jz%2FHE3PXa7cXAr%2B5L8regHPG%2Fkrq7Vuuvq47pSvFi3Gb%2BQhdwNP3fezyVCbiD%2Bl5Wsx0HhE65C1%2FI7atbqO45N2WgFAB8t3ALwOjzgRVUebbrwz4EU0qCRIDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe63c745c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
10941
5.png
fakeupdate.net/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/5.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54e72f60515d8419c9d00be5c022a8bb8408d87150ad9945add926facdaa4b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"5d0-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cZiowlXQImXT5y2ghDE%2BwNH8f6OQB%2BWa0T39ITjA0QVKHSnOTxxtortQKldGJcGwSRSXN8Kr%2BwnJ0dvB%2Fs2XLWbOiKNgowhqgSgeaAFNsOstv0baYcMdJnO3VG%2BiiXczEUBQdby6XaWgA6Ydg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe64c7c5c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
1488
4.png
fakeupdate.net/assets/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/4.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150220933003cf016fd13951ed557a4dad49573f91fc1411e3001cedf93c496f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"2ab6-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBARpb6%2Fjnewq%2BF0uxIWRIeBxWoRl1KjCTWxpPsTl2wcSdkSiiK1hlVXWYvKW2q1PK0BHsgPuFTfqVVymEQjumXphFvlZfW7UeVPDq0HSw2Yw8Fi0ys5zhKafH%2BIC3Xu1M5MgT%2BSKQQ%2FMweaJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66c955c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
10934
6.png
fakeupdate.net/assets/img/ 		503 B
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/6.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11a0cf76becb7b7167d927824b0d39a899ca10aafd158893b884b6d8ceae037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"1f7-5667093d2f680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktx06PC1OWpogYuk3DA5yO2JaKhH%2BmDeqU30GTCQVJlBgXjkzUxrk58ZrX8WV2Dnh1X8Ljpx%2F8%2B5YBWjpqvUvl9IqNpYV1VfyRKkRcEN0Oxf%2BhNH%2B1Y1%2FqPkw6YeywQkaMidrRrwtVqsnPPCWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66c965c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
503
7.png
fakeupdate.net/assets/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/7.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ee0b30227febd044b55a5fba34452126042938490f77e58aa255e104f42934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"9bf-5667093d2f680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA9%2FfO%2BbqQ3glOkhFf9XuMRqQX3IXXZBnyZVlgx3qX7YRV6yVqIsHdlVCVLGvyKN9eq1JLO5bcBTK7G9wMUqbN4sn8HzBhhG8aoLgaIz0oFvzLvrhLtu3vtoZWrhs7rlqIXzNE7TeKXSFYA48Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66c9c5c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
2495
win10u.png
fakeupdate.net/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/win10u.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45b1bf2e93964a0c63249c9b1e53537fdc953293b16d1288354aee39b44acbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2016 10:37:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"135d-53da310a89300"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWj%2BgaudaqEUDXSpSiHF1Oax1xBM4mhITjT%2FqfxRI7RvDFi5mON3oamPpF%2Bmiva%2BHiHxi5YaThyRgIs8KUAOiwcU7563%2By%2BA6fX4cdqRkW8u%2Bjugim6ALzRi9g8DinDhw%2B%2Fj52lthUDwiIrpAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66c9e5c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
4957
8.png
fakeupdate.net/assets/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/8.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f04d26db95a0751e381aaf1164839e947aa24aadde6a4b38167c3cf8fad74d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"14d0-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EyD5YD5tSXVQ7w9q2T4Iw5bHCRTF1LAUMJYi6wtrg80qmehvb8Rx1vHJaEx18qWq2JrzkGRTByLPJxgC8BbsSPdYx8jQ7EaL1o2tMSxUIyUk66TLhnIGJg8QyCmPHen8Lsb%2BWd2nSpASi5A4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66c9f5c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
5328
10.png
fakeupdate.net/assets/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/10.png
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5ec0ed8ffc6a5a23f5968ef87f4cfa571f0f7d74f3bbca1ba553b8a9f674b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Mar 2018 16:36:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"2245-5667093b47200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQjALg7nLuSUKHN4UuKbkIeH%2BhaeC1A1OpDYEZ9vq6%2Fn41WXSCdubz%2FSShdz2esXpVclqybfWOX%2BkzvMlUb%2BxRBdDa1O5mhjdb020bQ9KoyTZtW9gDq7KvC9qOH9GtR4aExuU301vvywIN5x9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66ca25c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
8773
flag_gb.gif
fakeupdate.net/assets/img/ 		260 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeupdate.net/assets/img/flag_gb.gif
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:361e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607ff69a26e07e4f9c3d8b2893e8f43dee37fc25b1d9590eb5a90ade2e2c52ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
cf-cache-status
HIT
last-modified
Thu, 12 May 2016 09:50:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6789
etag
"104-532a2186646c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RGq5kzOdHFvvE7luNDLVCdeoo6K%2BQkJQtt9q2HSRSmkx11aIYlTPB1pZMCegKHAa4uIp0T40Ih4lSWtkVjAk%2FEE0COMeHfkazQcTVmD3jiZ8xp0ztq9PDX7M025PZj8hpbiddHvSlgOo5ZCqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a4fe66ca35c80-FRA
alt-svc
h3=":443"; ma=86400
content-length
260
show_ads.js
pagead2.googlesyndication.com/pagead/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73cce5aa769833efac4a35709bc1f036d8780541a7e451288392591ea5085ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9550
x-xss-protection
0
server
cafe
etag
5841156053607798194
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:25:29 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 19:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2147
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Oct 2023 21:49:42 GMT
N_qT1cUymfk
www.youtube.com/embed/ Frame A1E0 		88 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73e00bca7a06a81607918516a7303dae49f5a27b4955e2cd97153fa6e31ec8a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 20:25:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27598
x-served-by
cache-iad-kiad7000153-IAD, cache-fra-eddf8230128-FRA
last-modified
Mon, 09 Oct 2023 20:29:49 GMT
etag
"391b7fdf0c468036f27102529636f0ca+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
like.php
www.facebook.com/plugins/ Frame 64B0 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FWindows-Update-Prank-451908161580324%2F&width=98&layout=button&action=like&show_faces=false&share=true&height=65&appId
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 13 Oct 2023 20:25:29 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
rFJ+Fl7CK1FDCjzHSVLBfW5x2W11/bGZqqEbYHda4JB2DwtFzEKLYsNpTRVHvk2rqxTGk810ERa0G67Mosbqng==
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1917345730&t=pageview&_s=1&dl=https%3A%2F%2Ffakeupdate.net%2F&ul=en-us&de=UTF-8&dt=FakeUpdate.net%20-%20Windows%20Update%20Prank%20by%20fediaFedia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=318774809&gjid=1865107484&cid=1955876280.1697228730&tid=UA-45751574-5&_gid=1733085842.1697228730&_r=1&_slc=1&z=819083895
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d151cee42aef15964c2591cd563bd396f1ddb52a1c4a822990e0d0c2465827a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fakeupdate.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fakeupdate.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d08d5e76a3d36d826f4e450a594b92059b0ec258c3fd0f8889e0ead1fe9b8d2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50869
x-xss-protection
0
server
cafe
etag
4397160264865143696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:25:29 GMT
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 2FB1 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ffakeupdate.net
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 20:25:29 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 09 Oct 2023 20:29:18 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100103-IAD, cache-fra-eddf8230128-FRA
www-player.css
www.youtube.com/s/player/99faf012/ Frame A1E0 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 19:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48960
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Oct 2024 19:10:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1E0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
567500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1E0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:26:35 GMT
x-content-type-options
nosniff
age
82734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 21:26:35 GMT
settings
syndication.twitter.com/ Frame 2FB1 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=43d1e0e7e9cc7e4c8bd0e7c9ddce828728f004e8
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ffakeupdate.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
112
date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 13 Oct 2023 20:25:29 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
be61eb6084b23308
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
01e2942da76216ef2798b8b172cbbedb0fb4b54e4fdce991964b02c8430de29d
content-length
337
embed.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame A1E0 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4802499c63d2e6e19004b408bfb4852b15f9540311eee943c0bc2fd2a16f5949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
170917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17074
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:56:52 GMT
www-embed-player.js
www.youtube.com/s/player/99faf012/www-embed-player.vflset/ Frame A1E0 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8290ad40ac2027d9a1c629cbb0106fea28df654f181f97900f5a154a8a4d4858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 19:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97303
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Oct 2024 19:58:27 GMT
base.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame A1E0 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1d1ab20d78c80c5057b793854dacaf8b09d0221d5339fae079f7a64a4b861ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:56:52 GMT
x-content-type-options
nosniff
age
170917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2599100
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:56:52 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YD6QLMNJS9&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ef64778599fe439848fc6d187af043565c206d0df34134367073bdf60ecb99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82180
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 20:25:29 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/ 		393 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3193838836354850&plah=fakeupdate.net&bust=31078773
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fce756cc852c212dcb3695e2cd9c1b2d00c4443ad437bab1daac8845bf831ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136679
x-xss-protection
0
server
cafe
etag
14716893323105665947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:25:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 2B81 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 10:15:48 GMT
etag
2603938475786422795
expires
Fri, 27 Oct 2023 10:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
button.13c48d2966337fafa1c1eb5533fdf29d.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:29 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2617
x-served-by
cache-iad-kiad7000032-IAD, cache-fra-eddf8230128-FRA
last-modified
Wed, 04 Oct 2023 21:58:32 GMT
etag
"def6f3052007521ae22a38b870dfd318+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
collect
region1.google-analytics.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YD6QLMNJS9&gtm=45je3ab0&_p=1917345730&ul=en-us&sr=1600x1200&cid=1955876280.1697228730&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ffakeupdate.net%2F&dt=FakeUpdate.net%20-%20Windows%20Update%20Prank%20by%20fediaFedia&sid=1697228729&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YD6QLMNJS9&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fakeupdate.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
platform.twitter.com/widgets/ Frame C28A 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
12585
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 20:25:30 GMT
etag
"8c8e58156094069be7351386d79afb40+gzip"
last-modified
Mon, 09 Oct 2023 20:29:17 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200088-IAD, cache-fra-eddf8230128-FRA
embeds
syndication.twitter.com/i/jot/ 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ffakeupdate.net%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22fakeupdates%22%2C%22widget_creator_screen_name%22%3A%22fediafedia%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697228730003%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=43d1e0e7e9cc7e4c8bd0e7c9ddce828728f004e8
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
105
date
Fri, 13 Oct 2023 20:25:29 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 13 Oct 2023 20:25:30 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
50a1ab2e8e138e49
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
01e2942da76216ef2798b8b172cbbedb0fb4b54e4fdce991964b02c8430de29d
content-length
43
id
googleads.g.doubleclick.net/pagead/ Frame A1E0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H3
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
782a985c52ffd8a29e764698cc3d3bf67d2ea18e43a628697d1ce26035421965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 13 Oct 2023 20:25:30 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A1E0 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:58 GMT
x-content-type-options
nosniff
age
872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 20:25:58 GMT
cookie.js
partner.googleadservices.com/gampad/ 		395 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fakeupdate.net&callback=_gfp_s_&client=ca-pub-3193838836354850
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3193838836354850&plah=fakeupdate.net&bust=31078773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2858e3f2a6d4f45c3ac7fc437c9f668d7b9ced76ef9e362d5129da76fd02b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C44B 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3193838836354850&plah=fakeupdate.net&bust=31078773
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
151d59450184ea5cc5a7c111b04c6b6553e67e6ae924b63a8441dfcdeb38109f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
9813
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 20:25:30 GMT
expires
Fri, 13 Oct 2023 20:25:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C28A 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 20:25:30 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1E0 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebf592802aea6f82a5e0b675cd352f3b2e832404a695234ff38605ebb6982863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31890
x-xss-protection
0
remote.js
www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/ Frame A1E0 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5197dcd797ff593a393617ed3331abb4cc43e731b412e42f0f56d3b8e67f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
170917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33682
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 01:50:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Oct 2024 20:56:53 GMT
1FLq2XtV8hqpAX6abx_iC4iA-kZWD4fpLy-A2GmPieY.js
www.google.com/js/th/ Frame A1E0 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/1FLq2XtV8hqpAX6abx_iC4iA-kZWD4fpLy-A2GmPieY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d452ead97b55f21aa9017e9a6f1fe20b8880fa46560f87e92f2f80d8698f89e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 06:50:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
135325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14818
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 06:50:05 GMT
default.webp
i.ytimg.com/vi_webp/N_qT1cUymfk/ Frame A1E0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/N_qT1cUymfk/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0c3d0bc233ea0399082b6f06ddbca59157df3ee3b4888aef56998d42c53175f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 19:18:35 GMT
x-content-type-options
nosniff
age
4015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3674
x-xss-protection
0
server
sffe
etag
"1485451996"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 13 Oct 2023 21:18:35 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BEFC 		1016 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&adk=1812271804&adf=3025194257&lmt=1679895908&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffakeupdate.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729807&bpp=2&bdt=537&idt=528&shv=r20231011&mjsv=m202310110101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8817327994&nras=1&correlator=8173688830837&frm=20&pv=1&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=537
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3193838836354850&plah=fakeupdate.net&bust=31078773
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3519a8027c56f18b25c4f8236946a6d627c7841f7facd577810f9fa3b2ccdd52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
373
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 20:25:30 GMT
expires
Fri, 13 Oct 2023 20:25:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A1E0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 20:25:30 GMT
generate_204
www.youtube.com/ Frame A1E0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?GOIRhA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 20:25:30 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1E0 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43413995f1f49404432f2926189ed51d915e2a728d966165dca20232c91474da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3SZah6AUrjxd3pQfQZkFDPvtEdy4i7No7WIrmtMwGy4gxdnTuzFSNPcq22tueZDBB590LRGRoHNMsshjIILjtLctgauJA-TeLRYPIULL7wl7_was
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13121343197104624526&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C44B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:25:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C44B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
11026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 17:21:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame C44B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
24710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 13:33:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C44B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:25:30 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DBEC 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKjwr-kBMAE&v=APEucNXlnRQa7yA_XkL7BSV_aDzPR35XhJwJcavtFDN8Y5LBuUw9HT2mP3g8-cQOlDVPPxT1wjsbPPtez0RTrnJRcIC3ggaqzx2kcA8bBv7l2cgIriULkPO7yIH7hZvYAbOTPNdv7wzM0AWfdmfpvowTTAYdiXvujeJvb546-ZWj34CeTnY_KJU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 20:25:30 GMT
expires
Fri, 13 Oct 2023 20:25:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/118/ Frame A1E0 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/118/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 14:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14707
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 15:06:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 14 Oct 2023 14:48:33 GMT
rum
dsum-sec.casalemedia.com/ Frame DBEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKjwr-kBMAE&v=APEucNXlnRQa7yA_XkL7BSV_aDzPR35XhJwJcavtFDN8Y5LBuUw9HT2mP3g8-cQOlDVPPxT1wjsbPPtez0RTrnJRcIC3ggaqzx2kcA8bBv7l2cgIriULkPO7yIH7hZvYAbOTPNdv7wzM0AWfdmfpvowTTAYdiXvujeJvb546-ZWj34CeTnY_KJU
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAloeReSwP4ny1GmN%2F27FqKpZHz79T5fkibjHWtJ1d7fl6sf4AXXc0HOf4bnyQuxYQBFHGsUq2euyl%2Fn%2BkNKdWXcl9NYU%2B0qAVPGRaRgTSxSxsnkwNyDADgGQn8D79O8K5aZGEL%2FsVKPdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
815a4ff06a5b1961-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DBEC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSmnuqkmEYMUUQM3PuRqMAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKjwr-kBMAE&v=APEucNXlnRQa7yA_XkL7BSV_aDzPR35XhJwJcavtFDN8Y5LBuUw9HT2mP3g8-cQOlDVPPxT1wjsbPPtez0RTrnJRcIC3ggaqzx2kcA8bBv7l2cgIriULkPO7yIH7hZvYAbOTPNdv7wzM0AWfdmfpvowTTAYdiXvujeJvb546-ZWj34CeTnY_KJU
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rM3WeBDAvB3t5h%2B0t8ZT1s2zQoLGqj8J6HtOaTQA%2F8SGmliNApSETSAgEjX9RH9Zp75H6lhnIzcV99zhnNUX7%2BYvf2o%2FGGtr1LjwaB4urRgSx9gViuloh0NWUcCEk%2B4kdIKdPDECmaPpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
815a4ff06a5c1961-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKxd1UCIBIVCRLfV9P2iBUQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DBEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOl1d1ZUa1m_cSjNbDlkAlU&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOl1d1ZUa1m_cSjNbDlkAlU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKjwr-kBMAE&v=APEucNXlnRQa7yA_XkL7BSV_aDzPR35XhJwJcavtFDN8Y5LBuUw9HT2mP3g8-cQOlDVPPxT1wjsbPPtez0RTrnJRcIC3ggaqzx2kcA8bBv7l2cgIriULkPO7yIH7hZvYAbOTPNdv7wzM0AWfdmfpvowTTAYdiXvujeJvb546-ZWj34CeTnY_KJU
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
an-x-request-uuid
18a98a03-e29a-414f-a614-30628390723a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.134; 185.213.155.134; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOl1d1ZUa1m_cSjNbDlkAlU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBEC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MDE4MzQxOTAxMjgzMDIyMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MDE4MzQxOTAxMjgzMDIyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKjwr-kBMAE&v=APEucNXlnRQa7yA_XkL7BSV_aDzPR35XhJwJcavtFDN8Y5LBuUw9HT2mP3g8-cQOlDVPPxT1wjsbPPtez0RTrnJRcIC3ggaqzx2kcA8bBv7l2cgIriULkPO7yIH7hZvYAbOTPNdv7wzM0AWfdmfpvowTTAYdiXvujeJvb546-ZWj34CeTnY_KJU
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
an-x-request-uuid
ba9382e6-6b65-476a-99dc-73d374ab20b2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MDE4MzQxOTAxMjgzMDIyMg%3D%3D
x-proxy-origin
185.213.155.134; 185.213.155.134; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4830963654271&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4830963654271&version=m202309260101&ct=76&x=1&cor=13121343197104624000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C44B 		106 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-QhyWtBaM6vAYTG9yDy6d5nKsW4M7iFneiELqYC6aIFjGmvFZrSH8AruRi_ImDsq0H-irb2dIz6yF1hi83X5HeqG8GtuiPiWzqJVP1kjG9Qaue30z_jlG9xaXXRf9GB1cj2RTY-YYHYUg_a-zVCVe7frxlsqDKWQIL_bmnfMJ9L9lclQ&dbm_d=AKAmf-Bwlx5WLkj9ugYU7NvbQDMa3M4ZrhcGdhXAF7aD4dRRUYPTJcvyxjxDSCt7QejsXntRrCRujA7OwBPp94b9fxSxjBZ5rvK76hvrNJaWgqAnd4H3_nDFVu0PXaQOpptCrusyzVfkLoWFQxkMOqs7zL4EoTOfU4H8xXptrFiPlKYhP8jiIqqWEGxEl3eHRLPwzhDok9l0sedX47s-JJAUkPPOrmnSTrsgedENsLQKpzEzxF_8MWEMiUxTaZm7DqxBPMyJP120h-1j0w2nbjU1Clv__poaIv1MfQGwV_snakHoIGQk3LOHnkoqizk4XRjyhE6IgQG-wgarz2vgNEEW_SqRmsJyFZVcYagmmqmbmplY8M4rWpa_AQca5fcPoAInSOnoHdnjbSjy39js3Q4bdTORyT_IgC9GBxaK9p2sCdJmwqe03UG41meAAiC0EXX_NBxAHwZKDD40AMr23Jjoc1totW_MD3EiWk7D-Yh1-CJ8WdvTlHt25WFncBiwyuwJFXH4AlAZsrBggSFdVHPw-n0s87rfjNGo9FF8ekAQq4yPhhkqm02438p_5z9vWTYOVDPMHbf0vsWCxbh5Yrl45H0k24iMrMkA9cocUdERZc1OePhE7T2FXjmxgyPhk3wkUSHb6SwvNd72FkFdYM9SrEjfUs69WhSLfGAugXKQ8fiCdV-XEeY3DmV0CZeB5C75ba9VV8ZarTlXbqDVrej8PXySo6U-Vsw7z1SIPu0JxC9D4Y1l164rJ6gqdsDiECzz_pxCyDJfSyq20TA74t9AjBKCiqL7idWbgVCT9wGsm75z8vvdhH56cDmFjkGJPe3MOg1tX0EhbWDbYykEL_QiJ36OLjO1UvigexhNLDEpa9u58dVrdXJdl4Cf5cJ53yVTWcRTNZUfqk_fCP-IFvNa3_Z_LoULChvVkRiu4w14cTs2FPZXWy4BFSATbImYnUwe9mkpE3yxFmchgEuCQygSrmjYg4nLRfaJmHs_pfiBJGBkOolPvZ04mjq5asf2h_XncxIhVu0E--sb2OZ97ATn79qKnpBg-GbKrCEGBH6HWvp1i0ULJvdoD_ZShQW7Vjqbq0T-fbgqcLMtCzavcf1AbBIq4cdMPbQd__tFu3arJ9D7DPoF1psMmvzhhugeg4t6q6jrmZgOfEB6T5nMjjwZlQxbQDSLNF2llb_gWHTnQI-pMgMZ-B3AqtIQyZbWDSH7ZgqdczePewqmdxpsgNK3LarlutaQsTjpXSf1cu8-VluPSXRjRcrzKFNNZ8zN_zgfev5DOvxaLrIEi2gx6vl0kpKqnXy9QKy1xhKugKtjNty0mY-bc2HP4a4XoQdBsIixPF867ZRvO1IQDzq_QqjkUfHOyQQm5JL5oTT2pB8c3p_JCpaKy4scsg124OKwyEQjS9lWodAqDndrwdu7bna4RglTSeDEqXmyePyfuRF-kmtTXEXx5ciV_-FM0Zu5KX5W-yYgflJvSo0kM3PLPxUNc-JqG1rpalLe1bV11vjsijSGTu_HL8BzexIS9262EMpBP8GXfAney04fn_G79YdfiZkJ7BeOqwhEtaompxRtJMcoRtyVLJNXGjHXPER_3-v09eBIeeUH_xJyt43HsdWV03_kfpvSEWCv7Gfi6NThDsSmQ2g2TVWyw4jNqPxNZxNf4u4dg4jtDjlYXXQuf4j29VJnt5d2JlgQ7oA0YxWRJL74bLhPHRnQ8lcFfhpogilmEmlFZF1kSaJbT5Cm9urOfzjXDSfBnZti1afFj1g6cwhGgqtWA70H0kX91vE7W_EkZdCniv0AGwnuBD65Yy3QwXH43BRuhX6bGniQGFWIRyGhZER-CVprm2OQo1r-Xje422ZAw-SsXfKAIPjlCnabjTZvpZiRAKWoB0RbTfb17n5I8i22LEw7OOKxGEb3HvEzq5OTarbnTmKW_Zeg7NmxV06UOgn_qlknsVr-UkEH8nDpwxxs46dFRdD7Te8z6o7LBnFrqizELfdB3chxIthdIaIpk_LVpPf6_58tWXr_3NL2bwBwDiht-IcHDp6YtqLTNzUPv--rm-4KpwZz87OW8EwqKOXa5pGiethxQ9I80oY4GCVbd_8Frz1pSbrnt9uCl_PnEoeoq6bbu3dHMbsMUO2X5O4c3wOd3ts_vJEbELqzKktaWe5nScDu80A9USC80CxlZxV-0_TeNIUyF8swTqYFePVSluAgOLZ7Yb4QdmiruyGTZ5xnAvyJb1yaxlvpWsDaMAvMUWHO-vl9mj9Wi1qzu41IN70lhRI8M8MULrkL9jndrEGyLLnH9oT8K86_7aqgmhG7z-zzhpcauiSZCTMNs9FtPAa94gymTBGTC4ukokp2x_AcdN7rSYWLFyWvmaHweFEhAM3iD0UnYU5dqE9uxGVJLAhoLwTRPkwyxtBZMCyFxrioYXDKlQ1U4SDTWz66nFOky4s0GtnjPkHc7TIUoJvC0aWXc3Xd2k98V-FfF0WlKSI9AO0-EZAKzpeR-8mgH478jBeVzy3xN3CyYbOokIKIMF6xj3BDSGRJ2xMJNTQkOMv-9qf2kCxw4bft4Mi-MNoE9mzrjpwx0mTuOZdqketmNzOXyJHylCS8RD_xp5riWnHEiJ9dbIvQr45kRnbcqvyNo1HFruZA_9HyRhoO-p2tN6YbrkLpLsl8QKZLwaMs-ywAzdCY5sUZATKXBsKRqxb4Z6wGvlDR9Uysylb_RtHJ_E8VjmnrcbsI1gfRGWE-2s8hQw__SDliE2gxT-uJ4sk7Y-xyP7zioDO6b9JoBEX5BPulNcvfTPgfuYuHFLMi4-5QZkuxuvBO0gLU7HD2gZBmJ85fzmsr1-aA9DKjS70noDQTVo3zb9fw597HnAJLBXNT6v80EoF5uzucZhvbIpJW5UGYiK7IUqd8hzGfgc540_ODI2YlCx7PlxaTAhTJDUyAwSDBIhaVpnL6xWSKfctXY6P40h1jds5YClTQyQjwLef7d28nXG8bRsOtRX2B6uywBA-3woZpXgiFwhNpPosyloMtzh0UkpJuyljTJFGFwSWDPX5fQGg7iBPrZC5XF2gqwKoGZOy_C6FBwdu2Iw999UWNfqMELdehRQppIvfeBjMCU_lPc_2peZer8cdkyjDjOy6u7qXakdjUYGA6L9pjCSmbR-6fxKAaUid6SIT1GgY4iwQPTI3_X03PyA9o4QSmiLrubAOfVR5TTejOVe9yOl5y_wtADgNy1FUKpx9tvgZhVBPXt0jgjQFeNmLNVgavL0EeIqxW7xU2AiuapBfuuazkz7-dVv68NIQl_j5MkTYgtu0j7JcE6W7aBH0BRirVoarsIDKeNyADMRxKIrWE2q3XAogSAmtZo_qeA7djW9rb-aaEK46RVKOaDnSCsX9sgln_1Y2MixZ2L-uuYM7S5cteFq9HT30JbawTyRuPZBS67sAAAEHvLwsUoc82znz11JybKNoByPL-OfoiDrD271g9NAovLuEUmRwr8QvXYc2l0Gj32ZQmnRvq4za3KDi6ollGxuQfNUZbgFRejM93dF5NHahkyze8coSyVAMWdQaqGtqnc09mlXSbQWsEdzJOtETPhkigonhRL1JXrItAkOFLdg3juztT-s1qGrPQo6eeAbMwDm5pWiOGbgn8TO4yB3nKDQi-9rCM4mo-y3PM2CCcoqcrusCEALBzPmhEQw&cid=CAQSSwDICaaNsJQs7LVB8njxZGK1LDm02NEWKioxmMkwFt8XNz-MeQ1f27AV5xvwHZnE3vVCXhp8eIPTihMub0bYgJY88ZybotOYeEz5yRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffakeupdate.net%2F&ds=l&xdt=1&iif=1&cor=13121343197104624000&adk=2228999115&idt=132&cac=0&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a287be710554c3741b70e5a07511903de728248f02766390fdcc4b57e413a730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1475223/71249331/ Frame C44B 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1475223/71249331/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-3193838836354850&ias_chanId=1&ias_placementId=20103170778&bidurl=https://fakeupdate.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hrbht8qVRnWOTUIhvsrAgL
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.47.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-47-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef56f3ea9645bd0ce011acc8b7c1ed77227b28b550a935d8cdec2f904fae5b83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:31 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C44B 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 14 Oct 2023 20:02:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame C44B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-QhyWtBaM6vAYTG9yDy6d5nKsW4M7iFneiELqYC6aIFjGmvFZrSH8AruRi_ImDsq0H-irb2dIz6yF1hi83X5HeqG8GtuiPiWzqJVP1kjG9Qaue30z_jlG9xaXXRf9GB1cj2RTY-YYHYUg_a-zVCVe7frxlsqDKWQIL_bmnfMJ9L9lclQ&dbm_d=AKAmf-Bwlx5WLkj9ugYU7NvbQDMa3M4ZrhcGdhXAF7aD4dRRUYPTJcvyxjxDSCt7QejsXntRrCRujA7OwBPp94b9fxSxjBZ5rvK76hvrNJaWgqAnd4H3_nDFVu0PXaQOpptCrusyzVfkLoWFQxkMOqs7zL4EoTOfU4H8xXptrFiPlKYhP8jiIqqWEGxEl3eHRLPwzhDok9l0sedX47s-JJAUkPPOrmnSTrsgedENsLQKpzEzxF_8MWEMiUxTaZm7DqxBPMyJP120h-1j0w2nbjU1Clv__poaIv1MfQGwV_snakHoIGQk3LOHnkoqizk4XRjyhE6IgQG-wgarz2vgNEEW_SqRmsJyFZVcYagmmqmbmplY8M4rWpa_AQca5fcPoAInSOnoHdnjbSjy39js3Q4bdTORyT_IgC9GBxaK9p2sCdJmwqe03UG41meAAiC0EXX_NBxAHwZKDD40AMr23Jjoc1totW_MD3EiWk7D-Yh1-CJ8WdvTlHt25WFncBiwyuwJFXH4AlAZsrBggSFdVHPw-n0s87rfjNGo9FF8ekAQq4yPhhkqm02438p_5z9vWTYOVDPMHbf0vsWCxbh5Yrl45H0k24iMrMkA9cocUdERZc1OePhE7T2FXjmxgyPhk3wkUSHb6SwvNd72FkFdYM9SrEjfUs69WhSLfGAugXKQ8fiCdV-XEeY3DmV0CZeB5C75ba9VV8ZarTlXbqDVrej8PXySo6U-Vsw7z1SIPu0JxC9D4Y1l164rJ6gqdsDiECzz_pxCyDJfSyq20TA74t9AjBKCiqL7idWbgVCT9wGsm75z8vvdhH56cDmFjkGJPe3MOg1tX0EhbWDbYykEL_QiJ36OLjO1UvigexhNLDEpa9u58dVrdXJdl4Cf5cJ53yVTWcRTNZUfqk_fCP-IFvNa3_Z_LoULChvVkRiu4w14cTs2FPZXWy4BFSATbImYnUwe9mkpE3yxFmchgEuCQygSrmjYg4nLRfaJmHs_pfiBJGBkOolPvZ04mjq5asf2h_XncxIhVu0E--sb2OZ97ATn79qKnpBg-GbKrCEGBH6HWvp1i0ULJvdoD_ZShQW7Vjqbq0T-fbgqcLMtCzavcf1AbBIq4cdMPbQd__tFu3arJ9D7DPoF1psMmvzhhugeg4t6q6jrmZgOfEB6T5nMjjwZlQxbQDSLNF2llb_gWHTnQI-pMgMZ-B3AqtIQyZbWDSH7ZgqdczePewqmdxpsgNK3LarlutaQsTjpXSf1cu8-VluPSXRjRcrzKFNNZ8zN_zgfev5DOvxaLrIEi2gx6vl0kpKqnXy9QKy1xhKugKtjNty0mY-bc2HP4a4XoQdBsIixPF867ZRvO1IQDzq_QqjkUfHOyQQm5JL5oTT2pB8c3p_JCpaKy4scsg124OKwyEQjS9lWodAqDndrwdu7bna4RglTSeDEqXmyePyfuRF-kmtTXEXx5ciV_-FM0Zu5KX5W-yYgflJvSo0kM3PLPxUNc-JqG1rpalLe1bV11vjsijSGTu_HL8BzexIS9262EMpBP8GXfAney04fn_G79YdfiZkJ7BeOqwhEtaompxRtJMcoRtyVLJNXGjHXPER_3-v09eBIeeUH_xJyt43HsdWV03_kfpvSEWCv7Gfi6NThDsSmQ2g2TVWyw4jNqPxNZxNf4u4dg4jtDjlYXXQuf4j29VJnt5d2JlgQ7oA0YxWRJL74bLhPHRnQ8lcFfhpogilmEmlFZF1kSaJbT5Cm9urOfzjXDSfBnZti1afFj1g6cwhGgqtWA70H0kX91vE7W_EkZdCniv0AGwnuBD65Yy3QwXH43BRuhX6bGniQGFWIRyGhZER-CVprm2OQo1r-Xje422ZAw-SsXfKAIPjlCnabjTZvpZiRAKWoB0RbTfb17n5I8i22LEw7OOKxGEb3HvEzq5OTarbnTmKW_Zeg7NmxV06UOgn_qlknsVr-UkEH8nDpwxxs46dFRdD7Te8z6o7LBnFrqizELfdB3chxIthdIaIpk_LVpPf6_58tWXr_3NL2bwBwDiht-IcHDp6YtqLTNzUPv--rm-4KpwZz87OW8EwqKOXa5pGiethxQ9I80oY4GCVbd_8Frz1pSbrnt9uCl_PnEoeoq6bbu3dHMbsMUO2X5O4c3wOd3ts_vJEbELqzKktaWe5nScDu80A9USC80CxlZxV-0_TeNIUyF8swTqYFePVSluAgOLZ7Yb4QdmiruyGTZ5xnAvyJb1yaxlvpWsDaMAvMUWHO-vl9mj9Wi1qzu41IN70lhRI8M8MULrkL9jndrEGyLLnH9oT8K86_7aqgmhG7z-zzhpcauiSZCTMNs9FtPAa94gymTBGTC4ukokp2x_AcdN7rSYWLFyWvmaHweFEhAM3iD0UnYU5dqE9uxGVJLAhoLwTRPkwyxtBZMCyFxrioYXDKlQ1U4SDTWz66nFOky4s0GtnjPkHc7TIUoJvC0aWXc3Xd2k98V-FfF0WlKSI9AO0-EZAKzpeR-8mgH478jBeVzy3xN3CyYbOokIKIMF6xj3BDSGRJ2xMJNTQkOMv-9qf2kCxw4bft4Mi-MNoE9mzrjpwx0mTuOZdqketmNzOXyJHylCS8RD_xp5riWnHEiJ9dbIvQr45kRnbcqvyNo1HFruZA_9HyRhoO-p2tN6YbrkLpLsl8QKZLwaMs-ywAzdCY5sUZATKXBsKRqxb4Z6wGvlDR9Uysylb_RtHJ_E8VjmnrcbsI1gfRGWE-2s8hQw__SDliE2gxT-uJ4sk7Y-xyP7zioDO6b9JoBEX5BPulNcvfTPgfuYuHFLMi4-5QZkuxuvBO0gLU7HD2gZBmJ85fzmsr1-aA9DKjS70noDQTVo3zb9fw597HnAJLBXNT6v80EoF5uzucZhvbIpJW5UGYiK7IUqd8hzGfgc540_ODI2YlCx7PlxaTAhTJDUyAwSDBIhaVpnL6xWSKfctXY6P40h1jds5YClTQyQjwLef7d28nXG8bRsOtRX2B6uywBA-3woZpXgiFwhNpPosyloMtzh0UkpJuyljTJFGFwSWDPX5fQGg7iBPrZC5XF2gqwKoGZOy_C6FBwdu2Iw999UWNfqMELdehRQppIvfeBjMCU_lPc_2peZer8cdkyjDjOy6u7qXakdjUYGA6L9pjCSmbR-6fxKAaUid6SIT1GgY4iwQPTI3_X03PyA9o4QSmiLrubAOfVR5TTejOVe9yOl5y_wtADgNy1FUKpx9tvgZhVBPXt0jgjQFeNmLNVgavL0EeIqxW7xU2AiuapBfuuazkz7-dVv68NIQl_j5MkTYgtu0j7JcE6W7aBH0BRirVoarsIDKeNyADMRxKIrWE2q3XAogSAmtZo_qeA7djW9rb-aaEK46RVKOaDnSCsX9sgln_1Y2MixZ2L-uuYM7S5cteFq9HT30JbawTyRuPZBS67sAAAEHvLwsUoc82znz11JybKNoByPL-OfoiDrD271g9NAovLuEUmRwr8QvXYc2l0Gj32ZQmnRvq4za3KDi6ollGxuQfNUZbgFRejM93dF5NHahkyze8coSyVAMWdQaqGtqnc09mlXSbQWsEdzJOtETPhkigonhRL1JXrItAkOFLdg3juztT-s1qGrPQo6eeAbMwDm5pWiOGbgn8TO4yB3nKDQi-9rCM4mo-y3PM2CCcoqcrusCEALBzPmhEQw&cid=CAQSSwDICaaNsJQs7LVB8njxZGK1LDm02NEWKioxmMkwFt8XNz-MeQ1f27AV5xvwHZnE3vVCXhp8eIPTihMub0bYgJY88ZybotOYeEz5yRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffakeupdate.net%2F&ds=l&xdt=1&iif=1&cor=13121343197104624000&adk=2228999115&idt=132&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
24406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame C44B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-QhyWtBaM6vAYTG9yDy6d5nKsW4M7iFneiELqYC6aIFjGmvFZrSH8AruRi_ImDsq0H-irb2dIz6yF1hi83X5HeqG8GtuiPiWzqJVP1kjG9Qaue30z_jlG9xaXXRf9GB1cj2RTY-YYHYUg_a-zVCVe7frxlsqDKWQIL_bmnfMJ9L9lclQ&dbm_d=AKAmf-Bwlx5WLkj9ugYU7NvbQDMa3M4ZrhcGdhXAF7aD4dRRUYPTJcvyxjxDSCt7QejsXntRrCRujA7OwBPp94b9fxSxjBZ5rvK76hvrNJaWgqAnd4H3_nDFVu0PXaQOpptCrusyzVfkLoWFQxkMOqs7zL4EoTOfU4H8xXptrFiPlKYhP8jiIqqWEGxEl3eHRLPwzhDok9l0sedX47s-JJAUkPPOrmnSTrsgedENsLQKpzEzxF_8MWEMiUxTaZm7DqxBPMyJP120h-1j0w2nbjU1Clv__poaIv1MfQGwV_snakHoIGQk3LOHnkoqizk4XRjyhE6IgQG-wgarz2vgNEEW_SqRmsJyFZVcYagmmqmbmplY8M4rWpa_AQca5fcPoAInSOnoHdnjbSjy39js3Q4bdTORyT_IgC9GBxaK9p2sCdJmwqe03UG41meAAiC0EXX_NBxAHwZKDD40AMr23Jjoc1totW_MD3EiWk7D-Yh1-CJ8WdvTlHt25WFncBiwyuwJFXH4AlAZsrBggSFdVHPw-n0s87rfjNGo9FF8ekAQq4yPhhkqm02438p_5z9vWTYOVDPMHbf0vsWCxbh5Yrl45H0k24iMrMkA9cocUdERZc1OePhE7T2FXjmxgyPhk3wkUSHb6SwvNd72FkFdYM9SrEjfUs69WhSLfGAugXKQ8fiCdV-XEeY3DmV0CZeB5C75ba9VV8ZarTlXbqDVrej8PXySo6U-Vsw7z1SIPu0JxC9D4Y1l164rJ6gqdsDiECzz_pxCyDJfSyq20TA74t9AjBKCiqL7idWbgVCT9wGsm75z8vvdhH56cDmFjkGJPe3MOg1tX0EhbWDbYykEL_QiJ36OLjO1UvigexhNLDEpa9u58dVrdXJdl4Cf5cJ53yVTWcRTNZUfqk_fCP-IFvNa3_Z_LoULChvVkRiu4w14cTs2FPZXWy4BFSATbImYnUwe9mkpE3yxFmchgEuCQygSrmjYg4nLRfaJmHs_pfiBJGBkOolPvZ04mjq5asf2h_XncxIhVu0E--sb2OZ97ATn79qKnpBg-GbKrCEGBH6HWvp1i0ULJvdoD_ZShQW7Vjqbq0T-fbgqcLMtCzavcf1AbBIq4cdMPbQd__tFu3arJ9D7DPoF1psMmvzhhugeg4t6q6jrmZgOfEB6T5nMjjwZlQxbQDSLNF2llb_gWHTnQI-pMgMZ-B3AqtIQyZbWDSH7ZgqdczePewqmdxpsgNK3LarlutaQsTjpXSf1cu8-VluPSXRjRcrzKFNNZ8zN_zgfev5DOvxaLrIEi2gx6vl0kpKqnXy9QKy1xhKugKtjNty0mY-bc2HP4a4XoQdBsIixPF867ZRvO1IQDzq_QqjkUfHOyQQm5JL5oTT2pB8c3p_JCpaKy4scsg124OKwyEQjS9lWodAqDndrwdu7bna4RglTSeDEqXmyePyfuRF-kmtTXEXx5ciV_-FM0Zu5KX5W-yYgflJvSo0kM3PLPxUNc-JqG1rpalLe1bV11vjsijSGTu_HL8BzexIS9262EMpBP8GXfAney04fn_G79YdfiZkJ7BeOqwhEtaompxRtJMcoRtyVLJNXGjHXPER_3-v09eBIeeUH_xJyt43HsdWV03_kfpvSEWCv7Gfi6NThDsSmQ2g2TVWyw4jNqPxNZxNf4u4dg4jtDjlYXXQuf4j29VJnt5d2JlgQ7oA0YxWRJL74bLhPHRnQ8lcFfhpogilmEmlFZF1kSaJbT5Cm9urOfzjXDSfBnZti1afFj1g6cwhGgqtWA70H0kX91vE7W_EkZdCniv0AGwnuBD65Yy3QwXH43BRuhX6bGniQGFWIRyGhZER-CVprm2OQo1r-Xje422ZAw-SsXfKAIPjlCnabjTZvpZiRAKWoB0RbTfb17n5I8i22LEw7OOKxGEb3HvEzq5OTarbnTmKW_Zeg7NmxV06UOgn_qlknsVr-UkEH8nDpwxxs46dFRdD7Te8z6o7LBnFrqizELfdB3chxIthdIaIpk_LVpPf6_58tWXr_3NL2bwBwDiht-IcHDp6YtqLTNzUPv--rm-4KpwZz87OW8EwqKOXa5pGiethxQ9I80oY4GCVbd_8Frz1pSbrnt9uCl_PnEoeoq6bbu3dHMbsMUO2X5O4c3wOd3ts_vJEbELqzKktaWe5nScDu80A9USC80CxlZxV-0_TeNIUyF8swTqYFePVSluAgOLZ7Yb4QdmiruyGTZ5xnAvyJb1yaxlvpWsDaMAvMUWHO-vl9mj9Wi1qzu41IN70lhRI8M8MULrkL9jndrEGyLLnH9oT8K86_7aqgmhG7z-zzhpcauiSZCTMNs9FtPAa94gymTBGTC4ukokp2x_AcdN7rSYWLFyWvmaHweFEhAM3iD0UnYU5dqE9uxGVJLAhoLwTRPkwyxtBZMCyFxrioYXDKlQ1U4SDTWz66nFOky4s0GtnjPkHc7TIUoJvC0aWXc3Xd2k98V-FfF0WlKSI9AO0-EZAKzpeR-8mgH478jBeVzy3xN3CyYbOokIKIMF6xj3BDSGRJ2xMJNTQkOMv-9qf2kCxw4bft4Mi-MNoE9mzrjpwx0mTuOZdqketmNzOXyJHylCS8RD_xp5riWnHEiJ9dbIvQr45kRnbcqvyNo1HFruZA_9HyRhoO-p2tN6YbrkLpLsl8QKZLwaMs-ywAzdCY5sUZATKXBsKRqxb4Z6wGvlDR9Uysylb_RtHJ_E8VjmnrcbsI1gfRGWE-2s8hQw__SDliE2gxT-uJ4sk7Y-xyP7zioDO6b9JoBEX5BPulNcvfTPgfuYuHFLMi4-5QZkuxuvBO0gLU7HD2gZBmJ85fzmsr1-aA9DKjS70noDQTVo3zb9fw597HnAJLBXNT6v80EoF5uzucZhvbIpJW5UGYiK7IUqd8hzGfgc540_ODI2YlCx7PlxaTAhTJDUyAwSDBIhaVpnL6xWSKfctXY6P40h1jds5YClTQyQjwLef7d28nXG8bRsOtRX2B6uywBA-3woZpXgiFwhNpPosyloMtzh0UkpJuyljTJFGFwSWDPX5fQGg7iBPrZC5XF2gqwKoGZOy_C6FBwdu2Iw999UWNfqMELdehRQppIvfeBjMCU_lPc_2peZer8cdkyjDjOy6u7qXakdjUYGA6L9pjCSmbR-6fxKAaUid6SIT1GgY4iwQPTI3_X03PyA9o4QSmiLrubAOfVR5TTejOVe9yOl5y_wtADgNy1FUKpx9tvgZhVBPXt0jgjQFeNmLNVgavL0EeIqxW7xU2AiuapBfuuazkz7-dVv68NIQl_j5MkTYgtu0j7JcE6W7aBH0BRirVoarsIDKeNyADMRxKIrWE2q3XAogSAmtZo_qeA7djW9rb-aaEK46RVKOaDnSCsX9sgln_1Y2MixZ2L-uuYM7S5cteFq9HT30JbawTyRuPZBS67sAAAEHvLwsUoc82znz11JybKNoByPL-OfoiDrD271g9NAovLuEUmRwr8QvXYc2l0Gj32ZQmnRvq4za3KDi6ollGxuQfNUZbgFRejM93dF5NHahkyze8coSyVAMWdQaqGtqnc09mlXSbQWsEdzJOtETPhkigonhRL1JXrItAkOFLdg3juztT-s1qGrPQo6eeAbMwDm5pWiOGbgn8TO4yB3nKDQi-9rCM4mo-y3PM2CCcoqcrusCEALBzPmhEQw&cid=CAQSSwDICaaNsJQs7LVB8njxZGK1LDm02NEWKioxmMkwFt8XNz-MeQ1f27AV5xvwHZnE3vVCXhp8eIPTihMub0bYgJY88ZybotOYeEz5yRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffakeupdate.net%2F&ds=l&xdt=1&iif=1&cor=13121343197104624000&adk=2228999115&idt=132&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
24406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C44B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
48427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 06:58:24 GMT
truncated
/ Frame C44B 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e42256d76ecddefb56eb06f91f860eab2c64a80f4664663322832cc152ea8fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EB48 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
110159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 13:49:32 GMT
expires
Fri, 11 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame C44B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249331/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-3193838836354850&ias_chanId=1&ias_placementId=20103170778&bidurl=https://fakeupdate.net/&...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uqcpZc7pNbWn9u8PoPeFuAQ&cbFunctionName=goog_wrapCb_uqcpZc7pNbWn9u8PoPeFuAQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uqcpZc7pNbWn9u8PoPeFuAQ&cbFunctionName=goog_wrapCb_uqcpZc7pNbWn9u8PoPeFuAQ&true_pb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Server
2600:9000:2175:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 1ccafca48442bcbc69901f59de3acd48.cloudfront.net (CloudFront)
date
Sun, 08 Oct 2023 04:44:45 GMT
x-amz-cf-pop
MRS52-P1
age
488447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
ky8l2PcVyd3yUw7hO2MtLS1F-edHnDnQ67q2e7YqOpzPyJkFH8VQjA==

Redirect headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:31 GMT
server
nginx
x-server-name
app27.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uqcpZc7pNbWn9u8PoPeFuAQ&cbFunctionName=goog_wrapCb_uqcpZc7pNbWn9u8PoPeFuAQ&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 206A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2175:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1ccafca48442bcbc69901f59de3acd48.cloudfront.net (CloudFront)
date
Thu, 21 Sep 2023 15:36:16 GMT
x-amz-cf-pop
MRS52-P1
age
1973781
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
lYRaQrL9-SxxnVBG_I2U80e8irYN5OiRBCeR_4M-dF51WFWbgKsDGw==
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFqFe,pingTime:-3,time:189,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:0,renddet:svg.us,siq:135%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:31 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFqFg,pingTime:-6,time:191,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:191,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:0,renddet:svg.us,siq:135%7D&tpiLookup=ao:fakeupdate.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:31 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/7789511331865690800/ Frame 7BFD 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90f860227e821b502e8996d56a9fe6daafb00b1d45a9b162abb5155c0e8c12a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
188137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2163
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Oct 2023 16:09:54 GMT
expires
Thu, 10 Oct 2024 16:09:54 GMT
last-modified
Wed, 28 Jun 2023 11:47:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C44B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv656WcRibm4F63Qg8iTDdFr9z89hsKdDiuHoc_wEzFcjuZN9O3-DYt2H7Q3p3Q086ZMMTboO8xZ-D8Zg8sB66sEYG6SxOyw5kO6Hfxghrew0G-Fuv8i7xuN7pCw52jwHc4frKLvsu5m-U1Es2fMRdS8uUOHD8EA8pWq9hhf7NYKXsCtrcSgcOpFWVoH8Tzs1PRGOwkf14qfhpOpWq7z7logygWN3JF9grhdvWs7csvMbbO3Cj0zevDVhseqZ4GAAhXOxFecNZpLrW5HAIH8aFIca2zXUo1BeAhkIvBW_2K522YCoOg0jsJBj8C8BPIbyuHGFWsOj87iBK_1gdRpSnktSGr3F1UnsrWVIiaK7FA3pXxnezykgGaPxgel0qP5nv6VY5hs3G0ngu7fLJWzmbhX7rHVEmxUnnhVzXgm-KtAJvP2g95lXH5ug5d-C3Tc0RNg2k-onoIzQAtFBt62Y3H1EFry5wjIAWfIHsnTHlzfKG_zNqE1KYnjIiTz3iPs3TMMzrTbVAEmR3uN8RLUjW6cxNEXKDsscnBKovkwqO6fDYf6pgXy-lpFJ1hRaZTNQyIGDDqK_c4RKLW8GqpNGj56mDZwYty-o6yGViGISFcO_A6chIaLZCzNe4DL3POyWAAflHwQsARgNrnSpEeOy1pdDchXqtwMMAksr4eg0pyDmmAlNpN6y-xb7yde6wipkizIhg-navB6ag2tKeLUkQz7WOl352kkB2_LjWafWOEJONQhGb2Qkf-fSrj7byg-9zP-c16PRVfjngwu1oXOpJppFqtfnn8PyIwQIW4xy6tE70b980e6eOREOUgiYgv0dpcAbkLalKeOjjeyA4KBIqxOqpM6ne_C157T_XpWV2_G37BinbIkAQEDA3T8S0XKqiO_zzsKMzZ0ahIFy3F-sEZiL2uGTwFzywbQITdNkMBJLFhvt7Hh7kmmrGAGzPsCAzwU0Bj7pPAIiPimPLJNnTb_nR1rBWXPJCfTOFClr5s8mKkNzz5rVSz-BObu4Upjewpdt53-Re-S1WZ0SNbtgPyFOowgfEVnJHKnmR2h8q-nkVif7fVt4FWgu920NnoY1WyTjrhhHEqA-Xpat6i0ATiGc-5qz-J-e_-hXC0dkgoPT-WpUuk876Uq2Ft_I-O7dL6tFtIw7BYOClpM6yY0GIeEkc2IKs5Ivkuz26Pf8E6-0TK64Wxj746Cfa7BTdXvyNYM5c8iyujjaoUhsVGotADziQwz_v0SyeqNy4iUgPFyKuP&sai=AMfl-YSu1sVy8G24ZS1g1RsWaOtt0YaHiMKE3NYp7Brlzk--3daJOl9030zcm8vBRM9fcV5vFZROKebR-_2r56aameg8fJM7BdgLWvnZmY4-gqqwdVjC-1DU5Rcdvk4E3a7geNQtlN8SkrzsOqN6hCFZZvmuo5_YJHrQ9vGYk_qo1OZMHzVnEhALfrJ-obKaP_JrtolbLzYajXGqoRA06gAf7n-RX7zziGX5x3DAZJHoLahqBYbkkuJvO5LTwokC6s_l-boscusexE6rPqGsMmdCyOzqCpfxmxtL&sig=Cg0ArKJSzNbF19qT11VMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=470&cbvp=1&cstd=456&cisv=r20231004.67437&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 13 Oct 2023 20:25:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFqGl,pingTime:-2,time:258,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1083,beZ:1089,mfA:1093,cmA:1129,inA:1129,inZ:1139,prA:1139,prZ:1176,si:1218,poA:1219,poZ:1255,cmZ:1255,mfZ:1255,loA:1274,loZ:1278,ltA:1341,ltZ:1341%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:133%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:258,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B205~0%5D,as:%5B205~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:135,sinceFw:122,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:31 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame EB48 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 22:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
166516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 22:10:15 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 7BFD 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:31 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Fri, 13 Oct 2023 20:40:31 GMT
index.js
s0.2mdn.net/sadbundle/7789511331865690800/ Frame 7BFD 		189 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7789511331865690800/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42a7cc281486797e01ebe3a788936ad71fe96f32b47fd27d39399345dea17256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188137
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31574
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 11:47:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Oct 2024 16:09:54 GMT
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFqQC,pingTime:-10,time:895,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697228732109%7C%7C59c36be88de8511d3ea2213d9a722df6%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7Ced1e1a32d3aecefa39d46f6191e0222c%7C%7C1efdea48295b58063cf16a1d2ad5d342%7C%7C4d8e38315117df230cf4e1339aba0ca5%7C%7C0719f91975a156d7162b9948145c3ce6%7C%7Cb8039d4d1223991caf7e0c2b999211e1%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:32 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
log_event
www.youtube.com/youtubei/v1/ Frame A1E0 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/99faf012/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-Goog-Request-Time
1697228732129
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/N_qT1cUymfk?enablejsapi=1
X-YouTube-Client-Version
1.20231010.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgthYXlJRFZzazd6dyi5z6apBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1697228729835&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 13 Oct 2023 20:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 13 Oct 2023 20:25:32 GMT
index_atlas_P_1.png
s0.2mdn.net/sadbundle/7789511331865690800/images/ Frame 7BFD 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7789511331865690800/images/index_atlas_P_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d77db2c7036ebdbb7d330154ce9c1b9f526418313aa56282bf0d53cedeb88927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:09:54 GMT
x-content-type-options
nosniff
age
188138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28928
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 11:47:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Oct 2024 16:09:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C44B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv656WcRibm4F63Qg8iTDdFr9z89hsKdDiuHoc_wEzFcjuZN9O3-DYt2H7Q3p3Q086ZMMTboO8xZ-D8Zg8sB66sEYG6SxOyw5kO6Hfxghrew0G-Fuv8i7xuN7pCw52jwHc4frKLvsu5m-U1Es2fMRdS8uUOHD8EA8pWq9hhf7NYKXsCtrcSgcOpFWVoH8Tzs1PRGOwkf14qfhpOpWq7z7logygWN3JF9grhdvWs7csvMbbO3Cj0zevDVhseqZ4GAAhXOxFecNZpLrW5HAIH8aFIca2zXUo1BeAhkIvBW_2K522YCoOg0jsJBj8C8BPIbyuHGFWsOj87iBK_1gdRpSnktSGr3F1UnsrWVIiaK7FA3pXxnezykgGaPxgel0qP5nv6VY5hs3G0ngu7fLJWzmbhX7rHVEmxUnnhVzXgm-KtAJvP2g95lXH5ug5d-C3Tc0RNg2k-onoIzQAtFBt62Y3H1EFry5wjIAWfIHsnTHlzfKG_zNqE1KYnjIiTz3iPs3TMMzrTbVAEmR3uN8RLUjW6cxNEXKDsscnBKovkwqO6fDYf6pgXy-lpFJ1hRaZTNQyIGDDqK_c4RKLW8GqpNGj56mDZwYty-o6yGViGISFcO_A6chIaLZCzNe4DL3POyWAAflHwQsARgNrnSpEeOy1pdDchXqtwMMAksr4eg0pyDmmAlNpN6y-xb7yde6wipkizIhg-navB6ag2tKeLUkQz7WOl352kkB2_LjWafWOEJONQhGb2Qkf-fSrj7byg-9zP-c16PRVfjngwu1oXOpJppFqtfnn8PyIwQIW4xy6tE70b980e6eOREOUgiYgv0dpcAbkLalKeOjjeyA4KBIqxOqpM6ne_C157T_XpWV2_G37BinbIkAQEDA3T8S0XKqiO_zzsKMzZ0ahIFy3F-sEZiL2uGTwFzywbQITdNkMBJLFhvt7Hh7kmmrGAGzPsCAzwU0Bj7pPAIiPimPLJNnTb_nR1rBWXPJCfTOFClr5s8mKkNzz5rVSz-BObu4Upjewpdt53-Re-S1WZ0SNbtgPyFOowgfEVnJHKnmR2h8q-nkVif7fVt4FWgu920NnoY1WyTjrhhHEqA-Xpat6i0ATiGc-5qz-J-e_-hXC0dkgoPT-WpUuk876Uq2Ft_I-O7dL6tFtIw7BYOClpM6yY0GIeEkc2IKs5Ivkuz26Pf8E6-0TK64Wxj746Cfa7BTdXvyNYM5c8iyujjaoUhsVGotADziQwz_v0SyeqNy4iUgPFyKuP&sai=AMfl-YSu1sVy8G24ZS1g1RsWaOtt0YaHiMKE3NYp7Brlzk--3daJOl9030zcm8vBRM9fcV5vFZROKebR-_2r56aameg8fJM7BdgLWvnZmY4-gqqwdVjC-1DU5Rcdvk4E3a7geNQtlN8SkrzsOqN6hCFZZvmuo5_YJHrQ9vGYk_qo1OZMHzVnEhALfrJ-obKaP_JrtolbLzYajXGqoRA06gAf7n-RX7zziGX5x3DAZJHoLahqBYbkkuJvO5LTwokC6s_l-boscusexE6rPqGsMmdCyOzqCpfxmxtL&sig=Cg0ArKJSzNbF19qT11VMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1160&vt=11&dtpt=690&dett=3&cstd=456&cisv=r20231004.67437&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: fakeupdate.net
URL: https://fakeupdate.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C44B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudup5M1G31fqdZIzPoEc-Dz3BMw4sTH2EIlDNQX2P3HhXJ1UM7RTMqubFrp4xMf074F0qXaXmZDfCKNP3Sp_w9BnsXddUVQx0RO2H3-sMaJt3Xrr1QYUcxPGurkUBW-PUo-84iB0rAr0ON&sai=AMfl-YR_FNN6HbgepOc4lEiJRuIGwnbSIi4tXweUgAPKIyVJiimpCb_4kSVZRBrJQCDbMJnq5HbduWJ2ndBPbZM5zmihzDRuo6CbxufK-YUaXcxF4U7jpDsVdZXW864LSdhEVf3oB-2w8xdF8vE0&sig=Cg0ArKJSzJ9TvAirBSIQEAE&cid=CAQSSwDICaaNsJQs7LVB8njxZGK1LDm02NEWKioxmMkwFt8XNz-MeQ1f27AV5xvwHZnE3vVCXhp8eIPTihMub0bYgJY88ZybotOYeEz5yRgB&id=lidar2&mcvt=1022&p=0,0,90,728&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1524072864&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697228730132&rpt=976&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB48 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlOjAuqcpZc7pNbWn9u8PoPeFuAQAAAAAOAHgBAI&bg=!cXKlcj3NAAZy-tsgUvo7ADQBe5WfOJbl6af0bQ7OQHbaszmc5cUVRU1YKJIr_gJifARK6fqkdSWacw7OevNZd7dFrAqvAgAAAfhSAAAAJmgBB5kDK3c8GSCi0zjtYuFyXZNF5u-ofUYJkzNYaOMAEs7zgDbUhyCVUvdbhboYmrLIJDXTSeCC5GV4wkAa3rIntzWlKgP3KwPickn-vKrIMWBYQkudAciTK-NxQ57DBV2rtGO2t3hCIFLJk2Kguu8M9cJxw2cubomNpy5h96s_itl4hSq8mTFpNvH8XG6aMewuZ82poSE6VBuPXBirUx1NtzD7uDUtmgT2_tJcUdWLLMm59gPVJ3U3Dg1QXiDBoLgvc3d3OHbluPmQ_ZqpPWERBOfv7E1BKaSePnVjpDeJhT-0O4eaAaWqBUJQ7R1Si68f3Hvmsk9HP4MYzAuhjek0GCuOzv2G5HAF2FS6frhBGhCOfGZ8QW64HTLB9I0j2C4GrU5lAmx0HwXsVOxJsP3qVGPPFB4BV_XxKQO5XOBb6z5RhHimXjOWOZCuJGEtJX3ew1XYU9aRjLtAHqBvG-59HJiQ4903ZH1YFFQ0Bq7zAp93S4Tm2NGVVXT6jlFgeLo1lo3ObtSRdtNTdKV7UkyWVTOqQh__kGtYJAiVf88DIKjbLOQPgs9HlMbmfEaGVFEhrIus78FFTpHLpwkVajwFrgjMa0ytm32nxGUa_zzhOIkq4wAtLP8TaA6IB7zMMJ9hoSiRLtiZAaj-yWc5Lx_fFJF6KyCmlDbCJ6bjaSsyerQ-7DzjvQlQvTgvMIrayZqhVrlT6kpUn77FkTg8nBREek5rIClHVk6d6uIBEjvQN6-M8rbY_RSIdNeQeDoMw3tUjwcozs2r1TvGylxZpCirCP9uAJB-mM3lbaHyYMER1XefKA9BV5zoZLDIVJd0Ax5MqkTCZo_9uVNHTNUPePtPnZyAb8uJjWSU1MWVKTCe_G3JTEar6cNj6vsJgCPOyPekTskmNhFnBT_O628T1KOW30ZuvW7oEiPvaqfgk08SW925hjGyZSaqVbt_uWBgAappvhn0GhpmGatLml9sHjuD0D87BmmgGEoK_pdCUAxDnlFiwf95XLF-kGUkkqSd4ynKRq5WZXgNpuKnQYoYSQimguPZtOkdbCVKlAclFwVGHYmC8H3OrqKYBGTZ3Wp9kW4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFqS3,time:984,type:e,im:%7Bpci:%7Btdr:849%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:984,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B931~0%5D,as:%5B216~0.0,715~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:539,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:135,sis:304%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:32 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/7789511331865690800/images/ Frame 7BFD 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7789511331865690800/images/index_atlas_NP_1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3193838836354850&output=html&h=90&slotname=8817327994&adk=1524072864&adf=2990025865&pi=t.ma~as.8817327994&w=728&lmt=1679895908&url=https%3A%2F%2Ffakeupdate.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697228729547&bpp=227&bdt=277&idt=558&shv=r20231011&mjsv=m202310110101&ptt=5&saldr=sd&abxe=1&correlator=8173688830837&frm=20&pv=2&ga_vid=1955876280.1697228730&ga_sid=1697228730&ga_hid=1917345730&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=842&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078593%2C44798934%2C44805099%2C31078773%2C44803793%2C44804179%2C21065724&oid=2&pvsid=4012537199446712&tmod=35649861&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Dt1pulH4aZ&p=https%3A//fakeupdate.net&dtd=581
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afca69f3bbc2074d63c5e7a9b697b1552be9a79a11aec967fe2ab9b058d5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7789511331865690800/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 16:09:54 GMT
x-content-type-options
nosniff
age
188138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97482
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 11:47:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Oct 2024 16:09:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3193838836354850&plah=fakeupdate.net&bust=31078773
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccba5caf7bb4c74b3a8f95b7be6f65485af72a072a1639207707607fa0ab1ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12356
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3193838836354850&plah=fakeupdate.net&bust=31078773
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 20:25:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F62 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 17:20:23 GMT
expires
Sat, 12 Oct 2024 17:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3820 		829 B
990 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d223cb293c5898ae7783a6e727e779eab784fb9c9fa9c390f7e0e4bf37c0c6f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wSakRgLqnjanvwMY0M6c8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fakeupdate.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wSakRgLqnjanvwMY0M6c8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 20:25:32 GMT
expires
Fri, 13 Oct 2023 20:25:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 3820 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=4012537199446712&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 8F62 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 17:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
12171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Oct 2024 17:02:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 8F62 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ISQjNw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:25:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C44B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4830963654271&version=m202309260101&ct=76&x=1&cor=13121343197104624000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFrdQ,pingTime:1,time:2335,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:133%7D,%7Br:r,w:728,h:90,t:269%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1065,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1217~0,0~100%5D,as:%5B216~0.0,1001~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1072~100%5D,as:%5B1072~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:162,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:135,sis:304%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:33 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFrdY,pingTime:1,time:2343,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:133%7D,%7Br:r,w:728,h:90,t:269%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1073,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1217~0,0~100%5D,as:%5B216~0.0,1001~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1073~100%5D,as:%5B1073~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:162,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:135,sis:304%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:33 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=4012537199446712&bg=!vr2lvfLNAAbFpEfJ5aQ7ADQBe5WfOB27bv0_bRPlwuiqbeAZjflERcuNnZVPLOTZnOF06y-Fuj1te6prnYBsFNOZ4BbhAgAAAUpSAAAASWgBBwoACJQOTFdLOs_nmQLfpakUdjiOZz_vJnhccs3H9s8IxMFGJGkvK26H47z5e9WxPVejvXpOteldn0YEHpa45-F5Zclv1exyb-L-0C-h-G0KJHrvFFnXaZ7NVwH8a1RnzJRpTdjNjVVzqkr6FdRNMdRNhmj_na7YS5ZKvzzobUYfM16p1v_AQbIyrzyZLsZKWpFHjlAKxonPpGjOI0fiePIRS7K8eOTKIk-xgw5_9zWOMayiVU__aKcTNt7yUTo0aP7aoMZnckU2e_U5GbkPyjZaR6fL4pmhzYN6fML8ddDOJrcvDWJ3JB6a81QtPaLY_Nw6PX3uNv-Ws67qQEXxgtkvnMEMmVamCqQKbYiIrcobTwgqqdYSVD94gC0iOShFNfX-wuCksnUtr3DdrVJmtZ2YR1xRUI1XG_gKgdB9xnSRXLaWGVGlGuxkI0RiGgtmo5qJ10LRrg7TDORoXxiujd_AutCP2pmlcRyWeoUZqAQc6PeuyvXi9qJJQqpN4AEgmclvKp_OE4d0YBKRgQ6i-GWDwpKZogQuLvzUzWB2r8hmio8Ax7cR_Y0gPDnjin8noOq-2Q7PS3W9RrXxW7sjyeOTsBfTvqO0WHjFQ3JySFi4VkTDxfCdXK_jOx4ojwDbWsTvrqx2e2uaJr0KMZmy-40cbQksnRVbL8Ve18GValbHtuW0SRns6WxGK348VxMcgDjV23KsMpGAUqKmMg2gvArBzrNwZLO-px2aJYF_Jk67u_68IPm6JBuWxQ0N0DjNrI9NPBGYibN2RFixPRqfUCUuW6HHh5v7yKWua4y6YQUhMxmtxDgjT5APVIZQaaAYkthsYZykZ6BVgjwTka96wCghzCyNmXIgpXoEX3VtI_FEn9nzVtPnW3aNIzX7P2bu5MLUA7lh4TxPhCQIim8wdCleJ2gegbOV_87L_in0tmKPamIUtgv0Hrdv0qkYeQdLDMq-XDBaoevhf7u_WJ_J_B1ikTrVGRhL7MdHuDXd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fakeupdate.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFsfk,pingTime:5,time:6271,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:133%7D,%7Br:r,w:728,h:90,t:269%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1217~0,0~100%5D,as:%5B216~0.0,1001~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:136,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:135,sis:304%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:37 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C44B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=5f5c51d2-d21e-e209-796e-3d04b4de527b&tv=%7Bc:qXFsfk,pingTime:5,time:6271,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:133%7D,%7Br:r,w:728,h:90,t:269%7D,%7Bpiv:100,vs:i,r:,t:1270%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:133,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1217~0,0~100%5D,as:%5B216~0.0,1001~728.90%5D%7D%7D,%7Bsl:i,t:1270,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:136,fm:tSBgN55+11%7C12%7C13%7C14%7C15%7C16*.1475223-71249331%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:135,sis:304%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:1419:c476:4c3f:7442 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:25:37 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 string| GoogleAnalyticsObject function| ga function| printMsg function| toggleVideo function| $ function| jQuery object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| __twttrll object| twttr object| __twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| sepiia object| asiscm object| seiel object| asla object| asaa object| sedf object| sefa object| sugawps object| ascmds object| google_shadow_mode object| google_privacy_treatments object| adsbygoogle object| dataLayer object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.fakeupdate.net/ Name: _ga
Value: GA1.2.1955876280.1697228730
.fakeupdate.net/ Name: _gid
Value: GA1.2.1733085842.1697228730
.fakeupdate.net/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: flSwnyLjyH4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: aayIDVsk7zw
.fakeupdate.net/ Name: _ga_YD6QLMNJS9
Value: GS1.2.1697228729.1.0.1697228729.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlkdNiZfvITP-H85Sb4OH_qXPdhX7q375BvKqwswhAFo7WjoI2BOLAK9YpB
.casalemedia.com/ Name: CMID
Value: ZSmnuqkmEYMUUQM3PuRqMAAA
.casalemedia.com/ Name: CMPS
Value: 2227
.casalemedia.com/ Name: CMPRO
Value: 2227
.adnxs.com/ Name: uuid2
Value: 8670183419012830222
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlbmYySf!]tbPl1M>e)ZlrFUfJ+tGXxomRf`kV@.w#:HPCNHUA$jN>>A^0[8/W0gBytC3If)y3KL9D3I?+^gWN^0
.doubleclick.net/ Name: APC
Value: AfxxVi67TxGaJI79CYTn7EL3SY_vzQ_LHe21RU9l90iuW5ba3ujUUw
.fakeupdate.net/ Name: __gads
Value: ID=1298e98202b85fe9:T=1697228730:RT=1697228730:S=ALNI_MbUZHDfHdai4lvghZBw1Rc0Mz844A
.fakeupdate.net/ Name: __gpi
Value: UID=00000c97a00d46b5:T=1697228730:RT=1697228730:S=ALNI_MbrUXHLEg_7R0oUk1WHyxFtnu1_ww

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fakeupdate.net
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
static.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
104.18.26.193
104.244.42.200
142.250.185.130
142.250.186.162
146.75.116.157
2001:4860:4802:34::36
2600:1f18:1aca:4282:1419:c476:4c3f:7442
2600:9000:2175:8a00:8:48e:53c0:93a1
2606:4700:3032::6815:361e
2606:4700::6811:180e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2016
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a02:26f0:3500:6::17d8:4da9
2a03:2880:f177:185:face:b00c:0:25de
37.252.171.21
54.76.47.0
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
150220933003cf016fd13951ed557a4dad49573f91fc1411e3001cedf93c496f
151d59450184ea5cc5a7c111b04c6b6553e67e6ae924b63a8441dfcdeb38109f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1d5197dcd797ff593a393617ed3331abb4cc43e731b412e42f0f56d3b8e67f0e
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3519a8027c56f18b25c4f8236946a6d627c7841f7facd577810f9fa3b2ccdd52
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40644628946332f66c49f12d4e48dd3c56777ef977d9f737c45a63b0f3ce5bbe
42a7cc281486797e01ebe3a788936ad71fe96f32b47fd27d39399345dea17256
43413995f1f49404432f2926189ed51d915e2a728d966165dca20232c91474da
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4802499c63d2e6e19004b408bfb4852b15f9540311eee943c0bc2fd2a16f5949
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
607ff69a26e07e4f9c3d8b2893e8f43dee37fc25b1d9590eb5a90ade2e2c52ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ef64778599fe439848fc6d187af043565c206d0df34134367073bdf60ecb99a
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
73cce5aa769833efac4a35709bc1f036d8780541a7e451288392591ea5085ae1
73e00bca7a06a81607918516a7303dae49f5a27b4955e2cd97153fa6e31ec8a4
782a985c52ffd8a29e764698cc3d3bf67d2ea18e43a628697d1ce26035421965
7beb0c53a82151bd6bba2fe3a370f76af882edc9e4998147e80a638964856030
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
8290ad40ac2027d9a1c629cbb0106fea28df654f181f97900f5a154a8a4d4858
8308dcd44b0353aba5b383d4afcd9d927b168879ad1fb4b17ff34cb2d65f1271
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7
85afca69f3bbc2074d63c5e7a9b697b1552be9a79a11aec967fe2ab9b058d5bf
87ee0b30227febd044b55a5fba34452126042938490f77e58aa255e104f42934
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
90f860227e821b502e8996d56a9fe6daafb00b1d45a9b162abb5155c0e8c12a9
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
95252e23463ed09d33676a3b1b51d9e89a6927b8eb3ab6ae9ca3960f81d8db90
95f04d26db95a0751e381aaf1164839e947aa24aadde6a4b38167c3cf8fad74d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2858e3f2a6d4f45c3ac7fc437c9f668d7b9ced76ef9e362d5129da76fd02b21
a287be710554c3741b70e5a07511903de728248f02766390fdcc4b57e413a730
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af7ffff44add144cd4d3d78ae3bb377921c9f6f10aebb9965e85cb16c43672bd
b0983d3b049412f41efa52320538de65a976f4ca5a16d3578856dab59836d13c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1d1ab20d78c80c5057b793854dacaf8b09d0221d5339fae079f7a64a4b861ba
c45b1bf2e93964a0c63249c9b1e53537fdc953293b16d1288354aee39b44acbf
ca5ec0ed8ffc6a5a23f5968ef87f4cfa571f0f7d74f3bbca1ba553b8a9f674b9
ccba5caf7bb4c74b3a8f95b7be6f65485af72a072a1639207707607fa0ab1ccb
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
d08d5e76a3d36d826f4e450a594b92059b0ec258c3fd0f8889e0ead1fe9b8d2c
d11a0cf76becb7b7167d927824b0d39a899ca10aafd158893b884b6d8ceae037
d151cee42aef15964c2591cd563bd396f1ddb52a1c4a822990e0d0c2465827a2
d223cb293c5898ae7783a6e727e779eab784fb9c9fa9c390f7e0e4bf37c0c6f9
d452ead97b55f21aa9017e9a6f1fe20b8880fa46560f87e92f2f80d8698f89e6
d54e72f60515d8419c9d00be5c022a8bb8408d87150ad9945add926facdaa4b8
d77db2c7036ebdbb7d330154ce9c1b9f526418313aa56282bf0d53cedeb88927
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42256d76ecddefb56eb06f91f860eab2c64a80f4664663322832cc152ea8fc9
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ebf592802aea6f82a5e0b675cd352f3b2e832404a695234ff38605ebb6982863
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef56f3ea9645bd0ce011acc8b7c1ed77227b28b550a935d8cdec2f904fae5b83
f0c3d0bc233ea0399082b6f06ddbca59157df3ee3b4888aef56998d42c53175f
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fce756cc852c212dcb3695e2cd9c1b2d00c4443ad437bab1daac8845bf831ec7
fd88d7d9f9f6b6e8e82e2e76abf6fddf174511fc169e063b763dff64638815e2