upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:98a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://upfiles.com/wbmWHW
Effective URL:
https://upfilesurls.com/wbmWHW
Submission: On June 25 via manual (June 25th 2023, 1:58:32 pm UTC) from PT — Scanned from DE

Summary HTTP 134 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 134 HTTP transactions. The main IP is 2606:4700:20::681a:98a, located in United States and belongs to CLOUDFLARENET, US. The main domain is upfilesurls.com. The Cisco Umbrella rank of the primary domain is 826500.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2023. Valid for: 3 months.

This is the only time upfilesurls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:480c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 13	2606:4700:20:... 2606:4700:20::681a:98a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.109.87.190 23.109.87.190	7979 (SERVERS-COM) (SERVERS-COM)
2	2606:4700:303... 2606:4700:3030::6815:565	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8b25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225b:c600:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.138.36.46 108.138.36.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	99.80.64.147 99.80.64.147	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
32	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
134	34

1 2606:4700:3031::6815:480c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

upfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:98a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

upfilesurls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.190 (Netherlands)

ASN7979 (SERVERS-COM, US)

cschyogh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:565 (United States)

ASN13335 (CLOUDFLARENET, US)

asacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8b25 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:c600:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-46.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.64.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-64-147.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	229 KB
19	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	289 KB
16	demand.supply live.demand.supply — Cisco Umbrella Rank: 40755	35 KB
13	upfilesurls.com 2 redirects upfilesurls.com — Cisco Umbrella Rank: 826500	349 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	257 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	112 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	316 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 33131	417 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	142 KB
2	asacdn.com asacdn.com — Cisco Umbrella Rank: 234761	66 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	878 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 29182	468 B
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1996	906 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 49550	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	cschyogh.com cschyogh.com	1 KB
1	upfiles.com 1 redirects upfiles.com — Cisco Umbrella Rank: 877865	1 KB
134	25

	Domain	Requested by
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com upfilesurls.com 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
17	securepubads.g.doubleclick.net	upfilesurls.com securepubads.g.doubleclick.net live.demand.supply www.googletagservices.com
16	live.demand.supply	upfilesurls.com live.demand.supply client
13	upfilesurls.com	2 redirects upfilesurls.com
9	pagead2.googlesyndication.com	upfilesurls.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	adservice.google.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	youradexchange.com	asacdn.com
2	www.googletagmanager.com	upfilesurls.com www.googletagmanager.com
2	asacdn.com	upfilesurls.com asacdn.com
1	mug.criteo.com	upfilesurls.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	region1.google-analytics.com	www.googletagmanager.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	www.gstatic.com	www.recaptcha.net
1	datatechone.com	cdntechone.com
1	www.recaptcha.net	upfilesurls.com
1	cdntechone.com	upfilesurls.com
1	fonts.googleapis.com	upfilesurls.com
1	cschyogh.com	upfilesurls.com
1	upfiles.com	1 redirects
134	34

This site contains links to these domains. Also see Links.

Domain
upfiles.com
youradexchange.com
sulvo.com

Subject Issuer	Validity	Valid
upfilesurls.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
cschyogh.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
asacdn.com E1	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-06-21` - `2023-09-19`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://upfilesurls.com/wbmWHW
Frame ID: 07400577B2809E5CE67A704552BE2FFC
Requests: 81 HTTP requests in this frame

Frame: https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 7B0EFAFFE912DE8996DA33F93CD8A5F7
Requests: 2 HTTP requests in this frame

Frame: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 66F9D76B4CA61DAAE621F3B2AC0234DC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com
Frame ID: 99C7173DAC2052861ABCF9942999DE3F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslKto5N_qCOXh1VdHzLYNobqtla6MhQQ-9HhEENcCMhvAq4VjCFOeck2QT2Zt8iUmRd5BEaiqZ8YgW7QtiJrccVTaNKk6xnmd7sdGOYDQgT55RTunh5kbLt_ETdEPw882TMiLCN7fhCvyI4JVLl9cOMUVyUk_jjJfJAicrCf_ZwkiE5gxaJzjXU5RD9PtTlH5jupFDmHIT8m_B338xantNE5mXdA8uU2GGgVdNXsa_Mgo80D46ZVWAO39ABq2ChRezq5usjY4ez3wsllId5S2YLR9Ri3LS7mEnD52h7w_5nDCzhyKWFyhCK23saRYPvQSztHuu7Zcm85hqVdXcfgvifP-PEicHLA&sai=AMfl-YRBB8tWcJ5zhqnN7G-3lllGwm8aC7htj_MXN8jNHs40Fdinj6qZBzjNQAiqW7mtxtcfgK97SRWDY2ZdQLOF6eZbfqBQeEFhcOf8EQoOA7Bvp0xH8Us-GbJWg35Lkarca7WPHOsznIoIbqdWH7KS&sig=Cg0ArKJSzMG9KAsDxPNREAE&uach_m=[UACH]&adurl=
Frame ID: B93D905370A581ECEA12EE6B621FD6F9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C14DAE5E8373F006E2C97E0219D9FC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 029AC1EAE5A671F74FF10B2CAE7550F3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgn8yZs1yDLp3iQasSGxfjPOcHv9EoW58dKHYSKDYq5wPQaYJaUlS-zM_OtCpyfRyrq74ZC8vssP7oF1G8qAAvWL3zgn_tp1mJuZQ662m2EujiW-bI90rjV_cbL9m-ra_evUNTzbN0xVX_EvJzPpfMz0ztP3Q7iZrdrQB6ZmGlKG8jzoQ12_IyWjBX3x3YZBTrrHyzMYa7FPZMeV2Pp7UoPYkTNnVQFtEDleePWi1N8MswPZoYpd1XhsuVXwYbNEWBLQT8TRQ3mHEMCmNu7t4lwKEU4p6LUHkplznBOBfAl5VML3UOM1o6sIetWMAq7TVHjYeB_97_m-BWgklTJ3KbjDwT4Wsf6wZYzhrWIT1nfrQMi9c3r0q_HlgJwm7KQOKf7sPNl49TFBL2PR0&sai=AMfl-YQZMNpxSQZ_upGy4mWmwxagHwfiGYJKUEjSkZmqemi3MW6tyGK7AfqBgP32HZTLR50eVQAGNbXkYZvqIP8HOdjhs2wKbZlR7NvYlkKc_Nb_zeSVmVpyTfNVZeilePY&sig=Cg0ArKJSzDolkCLIwAUzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AB8017B9DBAF63B614F6AB9CDD8FC8D2
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2ztZwMYW_8peETdkOn4R77L6Lpgs_afUR4K8d-MuctnOaqreErDRaNRAMCL1mdzMIkV8-kvJNijJ6MBddlyiSUmqu3y_SRFxfgDcsJntA2o1nPnc1Y7MZ84UQMcCLCnNlTMmXHGz1eJ9Yb10Yhy2SeO9qYpCaZf3VB5WE-XnsppMsRz9nd-nJTawAEq8GEKQO8DoCbp7ui8cg7DCZkRf0E9Kj51igQIWjVNeoxzzZBKaoNSks8lo58yp3FSMx0T9V0rsVZFSdKqSNunsWEJaITXOfrf0zAqOABTAav9FMbqAc5n0rJTInCfX6ex6UGwwiNMm57Mb1OMt-gT2ihh1SF7aYCNjnD0jBGEvyZMfv2SXJMXU0kcmlPHGzbnX_qZYHxLRa5znGAHUiMw&sai=AMfl-YS8Tqo29L7_eDdx4CK7qxIc7Ko1vLlTLOn1TKowciBpHhMPsESBaidtRirvp0VXmGsmwspU6_JPM3LLHVl2HLpA27cI8C5rUP7zWpF81r4bT-PDtjUqwzgv62hF7Y4&sig=Cg0ArKJSzJ8KFOKlsVeZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6A3A7B17464EAE5C34391707551A49FA
Requests: 2 HTTP requests in this frame

Frame: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52DE48AD2CA1259B5A4D68ED506AC7A9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Frame ID: C7D5A5A8E9DD1B84CD45C1B56CFD2083
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9231D34A2D4BB018B3B6C0722830FD54
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IMG_2951.mov

Page URL History Show full URLs

https://upfiles.com/wbmWHW HTTP 302
https://upfilesurls.com/wbmWHW?auth=eyJpdiI6IkdrNHJ6dWFaV3pBVmFJNFpzK2hLTWc9PSIsInZhbHVlIjoiUzVzWW1O... HTTP 302
https://upfilesurls.com/wbmWHW Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

134
Requests

96 %
HTTPS

76 %
IPv6

25
Domains

34
Subdomains

34
IPs

6
Countries

1577 kB
Transfer

4579 kB
Size

22
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://upfiles.com/

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/payment-proof
Title: Payment Proof

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/payout-rates
Title: Payout Rates

Search URL Search Domain Scan URL

URL: https://upfiles.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://upfiles.com/register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://upfiles.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/terms
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://upfiles.com/page/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://upfilesurls.com/wbmWHW&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://upfiles.com/wbmWHW HTTP 302
https://upfilesurls.com/wbmWHW?auth=eyJpdiI6IkdrNHJ6dWFaV3pBVmFJNFpzK2hLTWc9PSIsInZhbHVlIjoiUzVzWW1OTzNJNHhaQkxlWlIxZW1rZz09IiwibWFjIjoiZTk4ODU3MDUwMjE0YmUwMjg5NWMwNDkyOTkwMzg2ZDJlZjU1MTRiNzFkMzA1N2Y0NTUyMTJiYmYwM2MwNGM0ZCIsInRhZyI6IiJ9 HTTP 302
https://upfilesurls.com/wbmWHW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Request Chain 57

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZZ7963xMZG82c21MLzhONzQ5U3Z3TFgwbWtpQXdJclUzMnpIUDdIRnpVK2hSSER2ajBYYi96cnhZbW50OXp1YWhNMGpjNVY3dWMzNGhzdTZMVHBXZ3BzNExsQmJnMjBucWlaYmE5UFdZVHpBMTY3YThqL0F3V2pPS3RacHRYMXFUdGxZQ1czTFBlMXkrSlZWV3FrUFcvd0VHU3phcVdPOCtBY0hOeEhFbmg0NklVY2ZldzFMbnNMYS9zZ1ZVRERhQmsyNmFuSzhnT2dQYTZ6Y1dxcjhmYlJKUDZPVEsrMWtaNEpOaC9NVjRsUktuNEdaVE9PQTRYOENsL0JDNkpKblFlaExzdzYrTnExNlYyd1VRdlNRVVFMVi9mN3U4RmdlUkl6Y2Iyb3IxZ2VEdEFuZz18&cppv=2

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

134 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request wbmWHW Show response
upfilesurls.com/
Redirect Chain

https://upfiles.com/wbmWHW
https://upfilesurls.com/wbmWHW?auth=eyJpdiI6IkdrNHJ6dWFaV3pBVmFJNFpzK2hLTWc9PSIsInZhbHVlIjoiUzVzWW1OTzNJNHhaQkxlWlIxZW1rZz09IiwibWFjIjoiZTk4ODU3MDUwMjE0YmUwMjg5NWMwNDkyOTkwMzg2ZDJlZjU1MTRiNzFkMzA1N...
https://upfilesurls.com/wbmWHW

31 KB
11 KB

1806ms
1806ms

Document
text/html

2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f402b53d80e27a61dd7f1a316749c1bc55b336872d462e09c15561f59c33a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dcdb9999c17913d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Jun 2023 13:58:24 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TI3azr%2FYC%2B9YM7va%2FqIkAeKaqfe%2FKVJGAhVOnNQpkq5dwjLNzkLN7yZpNnT31cufEBJiNuxRCKMNJLBjeoYHiS9%2FGBiMoq5i0keHFOzNEa7%2FPW0XWV9Gy28BUdalOEQ2a5fFunncqfXpTy%2BPyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dcdb98f1cbf913d-FRA
content-type: text/html; charset=UTF-8
date: Sun, 25 Jun 2023 13:58:22 GMT
expires: -1
location: https://upfilesurls.com/wbmWHW
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14sdgUGS9N6Nm3KBMsWBD16vrRFiN6Eu7mfFsqky4O8xIqzmGvkMJtXdLuhqIuwTWCprzfdnY1sUh86Ikpx%2BVxcux531INvUTuyhGmvZyxzEWtPtrY7SJPRN4JE3aBayLvEyQCr8kSTyGa2WCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 frontend.css
upfilesurls.com/css/ 255 KB
47 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15719173
content-encoding: br
cf-bgj: minify
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
server: cloudflare
etag: W/"63a354a4-3f918"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJSMV6k8S9ezS34RLlefezLBUPQbttpn6T9%2FdvnKSwAkIoTaduhGFBN6onoNw33QXR1bwWA8C2f0Rombx0YCXq%2BTEDxoA%2Bm%2FH%2BioVnlYd357dQcBoY85r09opJLaS544pWnRT8tg1Ig0iFJnsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7dcdb9a4fe2f913d-FRA

GET
H2 200 logo.svg
upfilesurls.com/img/ 22 KB
6 KB 17ms
16ms Image
image/svg+xml 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/logo.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166694
content-encoding: br
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
server: cloudflare
etag: W/"625014b1-56e8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAMrdm7wl8lF2lsdaIjOndxBLPqV446o2MoB0FIKVv%2BMF32cI9AXTIk4VaCkAET9sVVNwWfosnVBAZlP%2FUE447xSmYR37iyDhZO9AEqyDT%2B6iGYGPKEKYh0i2Anm5baynQrCc78I5VcbY4AM5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7dcdb9a4fe31913d-FRA

GET
H2 200 menu.svg
upfilesurls.com/img/ 2 KB
791 B 16ms
13ms Image
image/svg+xml 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/menu.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166694
etag: W/"63d009ce-72e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoGPXDMoTQJelO4xG9Jejuy6wBUMGol7pSzTPfq3%2F%2FVFry3I0HPs66eeuhLNQHqrVRV8T7iXBAwVy%2Fh1nUaLz2o%2Ftc%2BA3B%2B2c05JSkA82nJvCSkLVRStGtkQky7mEhVAC%2BptIOBcplBmh%2FBm0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7dcdb9a5df71913d-FRA

GET
H/1.1 200
OK 34742 Show response
cschyogh.com/1clkn/ 0
1 KB 246ms
33ms Script
application/javascript 23.109.87.190
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cschyogh.com/1clkn/34742

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.190 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 13:58:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 suv4.js Show response
asacdn.com/script/ 108 KB
37 KB 70ms
36ms Script
application/javascript 2606:4700:3030::6815:565
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/suv4.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd8d05118a2d083ee3b429fcaaf069ab9f1f79ee743d4546483be8873f7e16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1216
x-guploader-uploadid: ADPycdvlz5VDYE3lhl19PRmhe6QwYry6oEwUsxI_bfLgJSvpxVwloKNhU5ni8WKABnTHA-5y_JNsu9W3A4KHkkQI-Uy_
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Jun 2023 08:29:36 GMT
server: cloudflare
etag: W/"672a833f03035f63d241997808615c91"
vary: Accept-Encoding
x-goog-hash: crc32c=O0I7jQ==, md5=ZyqDPwMDX2PSQZl4CGFckQ==
x-goog-generation: 1686904176921820
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz7vG5D3tdBEAD4Lm0za314AMeqVq7YaMN1UD%2BHfIoKVGNBJFpM34dG6sniYdC7jBhZKf1EO4FVmxpbfAxobR7LFTzPbNtKp3%2BtBVjoN4qKYbtfejN47Inz%2FFg4S7uasxAUqrCYMsAU%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110518
cf-ray: 7dcdb9a54bc837c8-FRA
expires: Sun, 25 Jun 2023 14:13:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 134ms
92ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc5c1dcaab369b460b277e1095633fb4a3ad90932355b2543a45ed8a91ea4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
server: cafe
etag: 980 / 19533 / m202306200101 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2 200 faqs-image.svg
upfilesurls.com/img/ 37 KB
13 KB 19ms
16ms Image
image/svg+xml 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/img/faqs-image.svg

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 613973
etag: W/"63c15cbf-95fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMT5ibD4YfemDN7g6MARs2TukT0TE5LF4MeMCN2TY9cOumesbWFL3ZS9tBG%2BaXayqBty6yaPCiswYp9cIcTpvMY0Wglzv%2BQ9pJLdQ%2FgmL9w36Ax47O835pCmAdAAJr%2BJZL4FZ97XuI29du9LTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7dcdb9a5df73913d-FRA

GET
H2 200 plane.svg
upfilesurls.com/img/ 684 B
708 B 23ms
20ms Image
image/svg+xml 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upfilesurls.com/img/plane.svg
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166694
etag: W/"63c15cbf-2ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SergD2TIzJL2dNmkgwObpKxXtOGXhKtQ2folI9TAZa92zzM7rRa1uzTKhuckl5Wsw%2F4LXwrMPGh3SvVCwiId4WLJVpBPlu9jSnnwbtzgcsLi5O38q6gBraY14qkx5MKhNGUpTNw9wmTABNBibg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7dcdb9a5df75913d-FRA

GET
H2 200 ads.js Show response
upfilesurls.com/js/ 2 KB
1022 B 15ms
14ms Script
application/javascript 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/js/ads.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a6496c9ba51de9268160abd403069b72cbf8a70bec8c61f3df9f0fd119aa953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15719043
content-encoding: br
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 14:10:31 GMT
server: cloudflare
etag: W/"63a46557-605"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYC1UObxlVMXjqKh4DjzG%2BbsuAmjlpRGLRnm2gsd0DTvjlhggWr9IeFPPSg3KjD8csafYSglUIGeCnV54i2rCX97ZJFRwrFX%2Bhf%2Fwy1C3ImYDnWbmvO37JtXAVLaj3rlGrRuTCYTd9fTFNQh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7dcdb9a52e79913d-FRA

GET
H2 200 frontend.js Show response
upfilesurls.com/js/ 958 KB
262 KB 34ms
28ms Script
application/javascript 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/wbmWHW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14523620
cf-polished: origSize=980842
cf-bgj: minify
last-modified: Sun, 08 Jan 2023 11:38:01 GMT
server: cloudflare
etag: W/"63baab19-ef76a"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3ibYYkNPvbaJugcMv0zP4xho4ldNyu4Dn8vVHKWCk8Ene2UCUKTlwgGm%2FT5udTiXfMFdD0rWcMT3bewIbJUO1SGeLwbmhXG256ddiBfgehC%2FnzoaFS0hsYkxX985tzT1A67bblWMojzX4GKcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7dcdb9a58efd913d-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 45ms
18ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197252557-1

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28b2411d1842bd8fe96982593e4810c5effec398042f57e5f63c3192686223e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64973
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Jun 2023 13:58:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 52ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 13:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 13:58:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 13:58:24 GMT

GET
H2 200 stattag.js Show response
cdntechone.com/ 18 KB
8 KB 45ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 175
etag: W/"646736c9-4859"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaBwufj3eWCpVrd3N9AILmaqPfGpithwOce6PXK%2B1CIaVLhETNyGHIwryiCrBPunCjwyt662oGssJqM%2FwjoEJOUaDx5xhf6rc8C1KvKZZjAjNkcXZ1QwyWFAd5qEbfiVm0uL5KHTKjato%2B7hOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7dcdb9a5fadd1e55-FRA
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 367ms
342ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4c6510b9b5c317fc37ee5267406a507cb0437179d5847817af5f46afcd0325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2V30QS4Q66T0GN5T2PCPHXV
date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 424
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6cd3e47d51f2768bca99c60a1b340133-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7dcdb9a5fc6f9219-FRA
link: <https://live.demand.supply/impl.v16.16.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 16:37:17 GMT
x-content-type-options: nosniff
age: 508867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 16:37:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 31135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 05:19:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 229337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 22:16:07 GMT

GET
H2 200 ut.js Show response
asacdn.com/script/ 80 KB
28 KB 19ms
18ms Script
application/javascript 2606:4700:3030::6815:565
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/ut.js?cb=1687701504958
Requested by: Host: asacdn.com
URL: https://asacdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758519148bca76af1cfe30b12896dc40207967dd283a8aec6281588d07cb433a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527
x-guploader-uploadid: ADPycdvdqYDow-5sqlxj7qMVRYPbf-8NUj0M8DYK91BnYYnbxdH6gHXZRFHnUN9nbLd6S43YfntO3vqAhudU4x_kbyTpuQELyLuH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 May 2023 12:36:05 GMT
server: cloudflare
etag: W/"4549edd6adc0674f59e20ade3b3f8b23"
vary: Accept-Encoding
x-goog-hash: crc32c=e/HddQ==, md5=RUnt1q3AZ09Z4greOz+LIw==
x-goog-generation: 1685450165695067
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1Few2lRtRMPODhu6ghTHKHi14Lx1iHoYJxV%2BhlrR1LIMY1oN5EZPnukdIXrEdH8jguxnhsAfIG5Yl8wUnKZpCiYEF3kKkLDoHEnfO5310MsG55HZtlv8wroHCWuTfbVIWvJD0jg7xoz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 82158
cf-ray: 7dcdb9a5fcf437c8-FRA
expires: Sun, 25 Jun 2023 14:40:23 GMT

GET
H2 204 suurl4.php
youradexchange.com/script/ 0
0 170ms
142ms Fetch 2606:4700:e2::ac40:8b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5890046&chmob=%3F0&cbur=0.7873487202069642&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=IMG_2951.mov&cbpage=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&cbref=&cbdescription=&cbkeywords=insurance%20quotes%2C%20Car%20insurance%2C%20insurance%20broker%2C%20Life%20Insurance%2C%20insurance%20agent%2C%20insurance%20agent%20salary%2C%20insurance%20benefits%2C%20Auto%20Insurance%2C%20dog%20insurance&cbcdn=asacdn.com&aggr=0&ts=1687701504980
Requested by: Host: asacdn.com
URL: https://asacdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VDhREN1bpXX71iIDuc19VtVAvWcNWYXslsfbLuwMz8MACKIcFhtkjvpU9YdIiTm%2BCacBxkB%2BgLlav%2BXhVjfSw24H3dZGh4uTYRCeXanEXIkC4jQ%2FS42OHy35cxm%2Bv3chW7rl6tZK4X105eENmUykuU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7dcdb9a64a109183-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
906 B 50ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

355402f0765aa42f5bd56db57fc2f93af8d826c6218c83d2ee14404debdedb42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2 200 arrow-down.png
upfilesurls.com/images/ 208 B
647 B 13ms
13ms Image
image/png 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upfilesurls.com/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/css/frontend.css?id=2396ffb76e738e465b53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165796
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
server: cloudflare
etag: "625014b1-d0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2ilIuWBPDVyAmCAQ1PhjuKpJ3yWsU0GsAi9HycZYEOWS9gURZygqf%2BLfMYAIL2J7KVEqaDog6tegyN0XD7gfkey5qijEE59TuHXtp5NRQU9neDgEl89kRO3179hosdD6%2F86uTGAQo%2BjGO7r8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7dcdb9a67845913d-FRA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 68402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 18:58:23 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 92ms
65ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48845
x-xss-protection: 0
server: cafe
etag: 5706787378369228166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2

200

invisible.js Show response
upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 7B0E
Redirect Chain

https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

7 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Server

2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f769a691ad614afe33ef302c42f99513243049536b3cd273135467e35870454d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djd790ystSoK0paObQ%2BFRUWkFCxdiLZhGCwuqLy5upKWrrt67sjae89BQ69BbcG2gzgIA7BX%2Be5sy0St5M6ITpsBhLq9yz%2F304G4ZfBwmnrOQcSnw6fD9r9PnMhh1TzLlVDQL067hbhT%2FQNVtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7dcdb9a71943913d-FRA

Redirect headers

date: Sun, 25 Jun 2023 13:58:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2lKCX0KqTJWwlI2EdwPbsP23FDdXNiCSn5%2FbY2ETGnRnhKbC3zmjDx3%2B9eQZ6MT%2F79t2PDHjXGi76jqzH02u%2Fw2NnqEGZW03WMNP737Ff8l7%2FRf15mnq0inr9o%2BUyZBQxJNVNDbD84T1uo56w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control: max-age=300, public
cf-ray: 7dcdb9a6d8d2913d-FRA

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
468 B 47ms
13ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 25 Jun 2023 13:58:25 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://upfilesurls.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

POST
H2 204 hb.php
youradexchange.com/ut/ 0
417 B 153ms
136ms Ping
text/plain 2606:4700:e2::ac40:8b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ut/hb.php?cb=0.4571097118688654
Requested by: Host: asacdn.com
URL: https://asacdn.com/script/ut.js?cb=1687701504958
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIF79QYILPM1x7Lp0VUMbtkvhCZfBVnuWE8%2FBbpdko3RlOz2ElBrLlZyELsA61Y%2FRicZqzTBZ7zMBcKv43fDbFiDq3cVtc%2FtlLoa9sGDmaJ6rplEzKHLASQl%2BwkLqPWp1uOT7VxQkT4DbFKGhO5LCYk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7dcdb9a72dda3a90-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ 393 KB
125 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31015
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Jun 2024 05:21:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 587 B
326 B 58ms
41ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 430 KB
173 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Origin: https://upfilesurls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 11:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 11:28:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2089a5256a870c3b4baaa42da8eceeb6ebd662d07fb2a897c00c8b8fe29eedfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 42ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197252557-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 12:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4983
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Jun 2023 14:35:22 GMT

POST
H2 200 7dcdb9999c17913d Show response
upfilesurls.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7B0E 0
545 B 27ms
27ms XHR
text/plain 2606:4700:20::681a:98a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upfilesurls.com/cdn-cgi/challenge-platform/h/g/cv/result/7dcdb9999c17913d
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7dcdb9a7da35913d-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tzm5NHevthc6rpl18%2BTsmK0Lo4yOVT9ovFkNY7sMkexMr%2BDOtHRcsbF7ni%2BbGJs07fr%2BgFEqyOUpcfeFqdu9H7EEDEkO5DTWzxLe1RwxRB29wD581aVR5GpOpqsljFVLQdytuMFWUFmDvmYYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 52ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 57ms
12ms Script
text/javascript 2600:9000:225b:c600:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sun, 25 Jun 2023 05:58:55 GMT
Via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 28771
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: sPHnWiM4I2OlM2FJxwXzYwrIhiTGhJbbrqZKMmhx1KdR4pT5JtEi6Q==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 55ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Jun 2023 13:58:25 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 63ms
12ms Script
text/javascript 108.138.36.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-46.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 31096
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Ajmu0wy0xOjOGzxnFYOBJ9qzDeaJ9NAUUUtJ285CAsQ7cq0OUs5h9w==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 47ms
18ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: CHW0CV1KM1G02TR2
age: 3384
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7dcdb9a849572ba9-FRA
x-amz-id-2: hFlxSDkxEttJkkfRSTyO3GwTa8aCp+UOCQRgaUh0BOsuJXvioQwBgNOnVTzQSxwwnuIw7f428e8=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 36ms
7ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 25 Jun 2023 13:58:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9520
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230123-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 55ms
13ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:11:06 GMT
via: 1.1 google
age: 2839
x-guploader-uploadid: ADPycdsZpcVX-RjHq5jM2wDbSeA1in5QIxU1eqye5gs30HF7IISAkZYJN2t0-zUlUoyMqQ_4ri33avlbB2v6h06Ggdp8bzaVI_Q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sun, 25 Jun 2023 14:11:06 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 726 B
384 B 491ms
491ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=4048834663804238&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3273233675&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687701505301&lmt=1687701505&dlt=1687701504793&idt=478&adxs=400&adys=281&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiPiuWWjzFIAFICCGQSGQoKcHViY2lkLm9yZxiPiuWWjzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yj4rllo8xSABSAghkEhcKCHJ0YmhvdXNlGI-K5ZaPMUgAUgIIZBIZCgp1aWRhcGkuY29tGI-K5ZaPMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb88589ff6e8312eb04ddeeba17adcdbc1790ccfaa9dbb0854a196473965460a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
22 KB 273ms
273ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=4048834663804238&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3273233668&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687701505309&lmt=1687701505&dlt=1687701504793&idt=478&adxs=400&adys=595&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiPiuWWjzFIAFICCGQSGQoKcHViY2lkLm9yZxiPiuWWjzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yj4rllo8xSABSAghkEhcKCHJ0YmhvdXNlGI-K5ZaPMUgAUgIIZBIZCgp1aWRhcGkuY29tGI-K5ZaPMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab96517554d166fa0fcb14d01f8930b4b7ffec6637bebdc42d7b389c72f6df77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22650
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430325756
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 638 B
309 B 859ms
859ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=4048834663804238&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=339263271%3A22776202201%2CGam_upfilesurls.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=3273233670&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687701505312&lmt=1687701505&dlt=1687701504793&idt=478&adxs=400&adys=927&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=800x250&msz=800x250&fws=0&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiPiuWWjzFIAFICCGQSGQoKcHViY2lkLm9yZxiPiuWWjzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yj4rllo8xSABSAghkEhcKCHJ0YmhvdXNlGI-K5ZaPMUgAUgIIZBIZCgp1aWRhcGkuY29tGI-K5ZaPMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1faae0f8f478a645d80f390a091d751027aa8f1abf6dfcba46191e298ed62f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 66F9 6 KB
3 KB 75ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:58:25 GMT
expires: Mon, 24 Jun 2024 13:58:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.v16.16.0.js Show response
live.demand.supply/ 74 KB
24 KB 100ms
99ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.16.0.js
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e199b4acaba04f13ab3fcf9c95a4a26c3b6468462a5840365fbd3c3b780bd49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2V21C12TQVRMNKRKSNMKQ2M
date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 1018727
cf-polished: origSize=76159
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"a0209a571f187db24bc09a2a643679ec-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7dcdb9a84fda9219-FRA

GET
H2 200 dXBmaWxlc3VybHMuY29tLw== Show response
live.demand.supply/p4/v16-10-0/ 983 B
616 B 494ms
493ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw==
Requested by: Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4f495563692eb81977dea50d6a3439778d73853af335dec0037ea6d78995eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7dcdb9a84fdc9219-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 15ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1623688768&t=pageview&_s=1&dl=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&ul=en-us&de=UTF-8&dt=IMG_2951.mov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1137244259&gjid=1690242410&cid=1523282048.1687701505&tid=UA-197252557-1&_gid=479652990.1687701505&_r=1&gtm=457e36l0&jsscut=1&z=1178586211

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-75C4L64NEB&gtm=45je36l0&_p=1623688768&cid=1523282048.1687701505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687701505&sct=1&seg=0&dl=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&dt=IMG_2951.mov&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 25ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=368&cs=c&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:25 GMT
cf-cache-status: HIT
age: 762077
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9a89df43809-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed02c56fa1309ff0c191fb46c9374aee10215584792ae70d90c0e3165d06a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26459
x-xss-protection: 0
server: cafe
etag: 397 / 19533 / m202306200101 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H3 200 dXBmaWxlc3VybHMuY29tL3dibVdIVw== Show response
live.demand.supply/p4/v16-10-0/ 983 B
698 B 873ms
873ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4f495563692eb81977dea50d6a3439778d73853af335dec0037ea6d78995eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7dcdb9a88c488fd7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
620 B 22ms
15ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H1F2R9ND20Z1DSY7TEW2T124
date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2109778
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7dcdb9a89df63809-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
316 B 26ms
25ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 45c5876825cf27c94b1e0971ec8376ec88956d1a5ba72ad484a798848526f184

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: fc04781d48f47b10c962ac5e5b7438dc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 43ms
21ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://upfilesurls.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://upfilesurls.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 25 Jun 2023 13:58:25 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: adaf7dcd5011004c087c8d5e73305aba

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 99C7 15 KB
6 KB 61ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=upfilesurls.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:58:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 257881
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 34ms
10ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://upfilesurls.com
date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 108ms
31ms XHR
application/json 99.80.64.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.64.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-64-147.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 57242f255f0bbf6ce623963c83d6212694af13c5e075b42ad1f54db7ff82894c

Request headers

Referer: https://upfilesurls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache
x-server: 10.45.28.172
access-control-allow-credentials: true
content-length: 60
expires: 0

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
483 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
date: Sun, 25 Jun 2023 13:58:25 GMT
cf-cache-status: HIT
age: 2110275
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9a8ee673809-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 99C7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upfilesurls.com&sn=ChromeSyncframe&so=0&topUrl=upfilesurls.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ZZ7963xMZG82c21MLzhONzQ5U3Z3TFgwbWtpQXdJclUzMnpIUDdIRnpVK2hSSER2ajBYYi96cnhZbW50OXp1YWhNMGpjNVY3dWMzNGhzdTZMVHBXZ3BzNExsQmJnMjBucWlaYmE5UFdZVHpBMTY3YThqL0F3V2pPS3RacH...

441 B
662 B

72ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZZ7963xMZG82c21MLzhONzQ5U3Z3TFgwbWtpQXdJclUzMnpIUDdIRnpVK2hSSER2ajBYYi96cnhZbW50OXp1YWhNMGpjNVY3dWMzNGhzdTZMVHBXZ3BzNExsQmJnMjBucWlaYmE5UFdZVHpBMTY3YThqL0F3V2pPS3RacHRYMXFUdGxZQ1czTFBlMXkrSlZWV3FrUFcvd0VHU3phcVdPOCtBY0hOeEhFbmg0NklVY2ZldzFMbnNMYS9zZ1ZVRERhQmsyNmFuSzhnT2dQYTZ6Y1dxcjhmYlJKUDZPVEsrMWtaNEpOaC9NVjRsUktuNEdaVE9PQTRYOENsL0JDNkpKblFlaExzdzYrTnExNlYyd1VRdlNRVVFMVi9mN3U4RmdlUkl6Y2Iyb3IxZ2VEdEFuZz18&cppv=2

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c4c635758a1a2f6419fa68cf838794027bbce0b3b725ddad92d6f70043af1500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1212420
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZZ7963xMZG82c21MLzhONzQ5U3Z3TFgwbWtpQXdJclUzMnpIUDdIRnpVK2hSSER2ajBYYi96cnhZbW50OXp1YWhNMGpjNVY3dWMzNGhzdTZMVHBXZ3BzNExsQmJnMjBucWlaYmE5UFdZVHpBMTY3YThqL0F3V2pPS3RacHRYMXFUdGxZQ1czTFBlMXkrSlZWV3FrUFcvd0VHU3phcVdPOCtBY0hOeEhFbmg0NklVY2ZldzFMbnNMYS9zZ1ZVRERhQmsyNmFuSzhnT2dQYTZ6Y1dxcjhmYlJKUDZPVEsrMWtaNEpOaC9NVjRsUktuNEdaVE9PQTRYOENsL0JDNkpKblFlaExzdzYrTnExNlYyd1VRdlNRVVFMVi9mN3U4RmdlUkl6Y2Iyb3IxZ2VEdEFuZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 296556
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B93D 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslKto5N_qCOXh1VdHzLYNobqtla6MhQQ-9HhEENcCMhvAq4VjCFOeck2QT2Zt8iUmRd5BEaiqZ8YgW7QtiJrccVTaNKk6xnmd7sdGOYDQgT55RTunh5kbLt_ETdEPw882TMiLCN7fhCvyI4JVLl9cOMUVyUk_jjJfJAicrCf_ZwkiE5gxaJzjXU5RD9PtTlH5jupFDmHIT8m_B338xantNE5mXdA8uU2GGgVdNXsa_Mgo80D46ZVWAO39ABq2ChRezq5usjY4ez3wsllId5S2YLR9Ri3LS7mEnD52h7w_5nDCzhyKWFyhCK23saRYPvQSztHuu7Zcm85hqVdXcfgvifP-PEicHLA&sai=AMfl-YRBB8tWcJ5zhqnN7G-3lllGwm8aC7htj_MXN8jNHs40Fdinj6qZBzjNQAiqW7mtxtcfgK97SRWDY2ZdQLOF6eZbfqBQeEFhcOf8EQoOA7Bvp0xH8Us-GbJWg35Lkarca7WPHOsznIoIbqdWH7KS&sig=Cg0ArKJSzMG9KAsDxPNREAE&uach_m=[UACH]&adurl=

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame B93D 22 KB
9 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 18:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B93D 3 KB
1 KB 57ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:48:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B93D 179 KB
56 KB 91ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H2 200 811511909485606589
tpc.googlesyndication.com/simgad/ Frame B93D 54 KB
54 KB 57ms
23ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/811511909485606589

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:29:10 GMT
x-content-type-options: nosniff
age: 246555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55229
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 19:45:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Jun 2024 17:29:10 GMT

GET
DATA 200
OK truncated
/ Frame B93D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea343468d4f70cb161ceb6cfdfbc50a8d23b33cc39a9a1ea60be204bc39c39d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B93D 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0UarThfvXRkdUCioWnO4XrX_p76ksBO3nQJSRhKUvy4B5NG2D5a3aqZmE9y1nhJ3B1LTMUFrdVpgsN7zRhAdQnkRJmoQti8APO4AuX2uhsLCHlRcbByW8BvING3xy5Z5PjXX0L8-TWTofCQcjj5BxD8XQYoiFMgA17Wz2maAt0loFFs_puv9HuEEI7Qlo8B_RZENr5rU__vPCKo8PCa3oPAhjs_DrAXO3qqd2XtmRdcTTn9NGf_stl_Tnq1-I9CXxcASRvDQsq4Jzo7BAOqSxmYFtaskMtsJl-t7eNq6maxW5ULIbs_lk5dAH3SigP4-SGdDR6_82H1C0NC-xwGTUlL3s2QeSVLgV&sai=AMfl-YT-99pDLb4tCOhtKv1mHlWBHZeAMB9P62URZQ3aZaRjeiF-CCtEWj1r5o4cjA2sQHXnWilIZFkrrN5CAR2BTZUeiAM1WsTdZdnrpYrHs1frg8KGEKYLmDzj5c2ExmGAlc7pGokD8rGLi1rghNme&sig=Cg0ArKJSzNGCdV8BsgvAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jun 2023 13:58:25 GMT

GET
H3 200 upfilesurls.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
376 B 323ms
322ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/upfilesurls.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ddc392229d7f49fb8f025e702215240eaaa54f28b4a6b4975182c9db7b90ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7dcdb9ae1e273809-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
732 B 250ms
250ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=2731570972358879&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C044293ce-89b1-498a-9bcf-8275878b2c1e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=3902365316&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D9ac25c31-c83e-4871-8e73-6d9182be28f2%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D85&eri=1&sc=1&cookie=ID%3D84f61950728fdcc5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A&gpic=UID%3D00000c345dd7b8d5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw&abxe=1&dt=1687701506281&lmt=1687701506&dlt=1687701504793&idt=478&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhkKCnB1YmNpZC5vcmcY2Yrllo8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGI-K5ZaPMUgAUgIIZBLCAQoIcnRiaG91c2USrAFseUJjUHhzTHhOTEh5TGdHUTFDNEUrN1pEUUJ3dnZXbC9VOEJMejhuQWtsNTF1b1VmMUY0N0ovUmZXV0lzb2h4d2NxTDZyK2FiQ3ltUVdSeWRENDExdVRpQStGRmJaMkt3RExCZUhRM28yQXFoWnc3M0l5SjVtRDJPQ1RCUTV4TUpGWTN0d05zWDhVZlhQcE9XQXFaT3V0aG5BbFRNNGZId0MrcXVmTnBzOGc9GKGL5ZaPMUgAEhkKCnVpZGFwaS5jb20Yj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMi-WWjzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f980609e1349b9d2934f84124a28ee78ce85651f4620ddf77f53391525f0d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 703
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ 37 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6608273f8d3c48c4080e531a5f99a8365dac7245e362cdb57c59e024b20a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13138
x-xss-protection: 0
server: cafe
etag: 11137768676305576577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 23 Jun 2024 19:05:28 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 97ms
97ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/js/frontend.js?id=88f283c744d8a6e43cfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48160
x-xss-protection: 0
server: cafe
etag: 17916425889917271564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 13:58:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
57ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e77a8935e41b4ee544ec6312b5c155fa143740a3e6839d1fe2f246884145563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11276
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 13:58:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C14 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 81643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 15:17:43 GMT
expires: Sun, 23 Jun 2024 15:17:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 029A 783 B
1 KB 44ms
19ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0d416e0d8c2f3cf85766fd36b0503061e67a485bc2130ad4559e7c1d9e75d82

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hFPWneN57BX6Iscr5oiUlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-hFPWneN57BX6Iscr5oiUlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:58:26 GMT
expires: Sun, 25 Jun 2023 13:58:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C14 37 KB
14 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 03:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14515
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 03:50:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 029A 0
0 40ms
39ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=2885812208335409&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C14 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EWg14A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:26 GMT
cf-cache-status: HIT
age: 762078
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9afe8bc3809-FRA

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
731 B 137ms
137ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=81145072610818&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C8218a573-db51-4303-a715-73cced357d63&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=655150013&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D9ac25c31-c83e-4871-8e73-6d9182be28f2%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D85&eri=1&sc=1&cookie=ID%3D84f61950728fdcc5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A&gpic=UID%3D00000c345dd7b8d5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw&abxe=1&dt=1687701506546&lmt=1687701506&dlt=1687701504793&idt=478&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhkKCnB1YmNpZC5vcmcY2Yrllo8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGI-K5ZaPMUgAUgIIZBLCAQoIcnRiaG91c2USrAFseUJjUHhzTHhOTEh5TGdHUTFDNEUrN1pEUUJ3dnZXbC9VOEJMejhuQWtsNTF1b1VmMUY0N0ovUmZXV0lzb2h4d2NxTDZyK2FiQ3ltUVdSeWRENDExdVRpQStGRmJaMkt3RExCZUhRM28yQXFoWnc3M0l5SjVtRDJPQ1RCUTV4TUpGWTN0d05zWDhVZlhQcE9XQXFaT3V0aG5BbFRNNGZId0MrcXVmTnBzOGc9GKGL5ZaPMUgAEhkKCnVpZGFwaS5jb20Yj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMi-WWjzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62d470ad1f870bc28185b4c1b25fa54270b67c42af16867b429e43cbe7537850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 702
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pdc=0.28424370288848877&ucv=null&e=tcp&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:26 GMT
cf-cache-status: HIT
age: 762078
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9b018fa3809-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 85ms
85ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H1Y05AGFG29ZH03J7RFS19F8
date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 540120
etag: W/"f22f1835d396aa5be9932139c44fe2f7-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7dcdb9b01b738fd7-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=upfilesurls.com_auto_728x90_sticky_display_bottom&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH53N5DXY1S5GWJ4J08TX0
date: Sun, 25 Jun 2023 13:58:26 GMT
cf-cache-status: HIT
age: 2110276
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9b019003809-FRA

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 502ms
501ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=3746918663766518&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2Ca39f815d-1bc8-4975-9513-f19a5ddcf651&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=2297404149&sfv=1-0-40&prev_scp=ti%3D9ac25c31-c83e-4871-8e73-6d9182be28f2%26chrand%3Dy%26pof%3D0%26bid%3D0.28%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D85&eri=1&sc=1&cookie=ID%3D84f61950728fdcc5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A&gpic=UID%3D00000c345dd7b8d5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw&abxe=1&dt=1687701506583&lmt=1687701506&dlt=1687701504793&idt=478&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhkKCnB1YmNpZC5vcmcY2Yrllo8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGI-K5ZaPMUgAUgIIZBLCAQoIcnRiaG91c2USrAFseUJjUHhzTHhOTEh5TGdHUTFDNEUrN1pEUUJ3dnZXbC9VOEJMejhuQWtsNTF1b1VmMUY0N0ovUmZXV0lzb2h4d2NxTDZyK2FiQ3ltUVdSeWRENDExdVRpQStGRmJaMkt3RExCZUhRM28yQXFoWnc3M0l5SjVtRDJPQ1RCUTV4TUpGWTN0d05zWDhVZlhQcE9XQXFaT3V0aG5BbFRNNGZId0MrcXVmTnBzOGc9GKGL5ZaPMUgAEhkKCnVpZGFwaS5jb20Yj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMi-WWjzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f805775028682191c81ac336379aba3e622c0cf516c0b124d12cad24016b7b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12038
x-xss-protection: 0
google-lineitem-id: 5564063231
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 91ms
90ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:26 GMT
cf-cache-status: HIT
age: 762078
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9b0da6e3809-FRA

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
725 B 278ms
277ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=3939333108895139&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C924bb2f9-87c6-44fc-98aa-87c9fd0ebc73&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&adks=2177133344&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D9ac25c31-c83e-4871-8e73-6d9182be28f2%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D85&eri=1&sc=1&cookie=ID%3D84f61950728fdcc5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A&gpic=UID%3D00000c345dd7b8d5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw&abxe=1&dt=1687701506712&lmt=1687701506&dlt=1687701504793&idt=478&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhkKCnB1YmNpZC5vcmcY2Yrllo8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGI-K5ZaPMUgAUgIIZBLCAQoIcnRiaG91c2USrAFseUJjUHhzTHhOTEh5TGdHUTFDNEUrN1pEUUJ3dnZXbC9VOEJMejhuQWtsNTF1b1VmMUY0N0ovUmZXV0lzb2h4d2NxTDZyK2FiQ3ltUVdSeWRENDExdVRpQStGRmJaMkt3RExCZUhRM28yQXFoWnc3M0l5SjVtRDJPQ1RCUTV4TUpGWTN0d05zWDhVZlhQcE9XQXFaT3V0aG5BbFRNNGZId0MrcXVmTnBzOGc9GKGL5ZaPMUgAEhkKCnVpZGFwaS5jb20Yj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMi-WWjzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d006ac6330b275580c20d0d0b58d644494ba6cd63f871288d15ce9202968458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 696
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B93D 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI-JkNOdYN2YABogC9VaCy552ZMiTX-CaJ9nidKlnbkJ2YoB1z286WA_4ZeECsvF01ZshP-yLF0SdJD5BfgoOkd1n2J80teX8-O-s1R8l9U5H9Df1x&sig=Cg0ArKJSzOMrnmrTwdSwEAE&id=lidar2&mcvt=1000&p=595,650,845,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3273233668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687701505603&rpt=194&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 16ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_interstitial_desktop&e=nai&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:27 GMT
cf-cache-status: HIT
age: 762079
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9b2cd3a3809-FRA

GET view
securepubads.g.doubleclick.net/pcs/ Frame AB80 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB80 0
0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 376ms
376ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=4024935150872923&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C09dea4b7-b301-4406-9573-8ca469e4fde9&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&adks=1444295116&sfv=1-0-40&prev_scp=ti%3D9ac25c31-c83e-4871-8e73-6d9182be28f2%26chrand%3Dy%26pof%3D0%26bid%3D0.1%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D85&eri=1&sc=1&cookie=ID%3D84f61950728fdcc5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A&gpic=UID%3D00000c345dd7b8d5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw&abxe=1&dt=1687701507122&lmt=1687701507&dlt=1687701504793&idt=478&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhkKCnB1YmNpZC5vcmcY2Yrllo8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGI-K5ZaPMUgAUgIIZBLCAQoIcnRiaG91c2USrAFseUJjUHhzTHhOTEh5TGdHUTFDNEUrN1pEUUJ3dnZXbC9VOEJMejhuQWtsNTF1b1VmMUY0N0ovUmZXV0lzb2h4d2NxTDZyK2FiQ3ltUVdSeWRENDExdVRpQStGRmJaMkt3RExCZUhRM28yQXFoWnc3M0l5SjVtRDJPQ1RCUTV4TUpGWTN0d05zWDhVZlhQcE9XQXFaT3V0aG5BbFRNNGZId0MrcXVmTnBzOGc9GKGL5ZaPMUgAEhkKCnVpZGFwaS5jb20Yj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMi-WWjzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0d7d65a05781a607c3ec02a62ec4e781e44423f04a3e2c046c93e5878c99d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12018
x-xss-protection: 0
google-lineitem-id: 5564061269
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306200101&jk=2885812208335409&bg=!GhmlGU3NAAYQ3eRoMN07ADkAdvg8WtiXlSO8I9UStWMMAGwwnUA3tfN1fN5tsQ_VlMnR2RXRBVDSTeioSJtUnxumg_GHxpnbO3ACAAAATVIAAAATaAEHmQKhEtD8mPjkBhZSqEcmz-gDX2rToUOd4whF4Xl_IzakYzctU6uvvTOPa4Ldk1M5_NK5BDumm6rAZowwoaYKam3B2i0Ye5jkpdksDILvKckiSNhhpVrWDF5SACiBGY1M8mmPjP6Gh0FAOVKHjZVHvDVFk16W3tRORDd0kMpU3cPy348PL_FELJOoAeYPvp90QuqC9Xw3E2W_KqXV6c9uN4GJsyI09vY_PaD8pBJH1pCaUfTXEVo-pBv0gUbqusws3AUJ8nGlQ1J_lshDApgkV5Z0KPvT6XF4j7pEr73hA9358-SEf6IxIfv9l7r7kv-KaqONbl7ZU6nmyzd2RopYx78tlpeto8GmAC-ff0tR-nDxbaVq8799cBL37CPo_GB9RpdJd36PR_HlVLf6Emb1kvmcIfsHCukwccRXqsi1rrwIa_uFaWYXECIPJR3H_ijcRs-Dk9ivaMXcw_zixmDLTAq6kOqb7yt10taAYK8uSmpTTWf3577hQ0oM6UbHSv-xucWPVF9VhdFcilyTmHYLwKhsGA2BSQvslVQz2filUDpAFQcY46jQ8v1akqmV_E6TxfGmJi_ghkgnPbhbTyYckt_GYYLcIEyvsgNgRLo1KfykTGtJWOkcNJPwriVYO9rQOwPEzMUkwj3K2l-njhSewWZKANwAyUte1bC5YEBssJ-WIgpV5buG16MERmCzKI4XB7xJ86otF3QkwAmkpBZyd73eDWsNtOzMj3poSFH33kyKlsvI_Ta4F4Cu8cYs-3vWOz8ss0GilGBNWpnGKf2YkXgHzfhuoj_Vq8eqX41tuE8_pqB5kOlYj6sVUdsC6MS8eA4z9weff2XprcVYuyaypoSxqKfSskJQNaVGv6P2CB2HzhDRSGrCsXfaAleSCUVr7YqjcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET view
securepubads.g.doubleclick.net/pcs/ Frame 6A3A 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6A3A 0
0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upfilesurls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
50 KB 191ms
191ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885812208335409&correlator=3148671888749541&eid=31072019%2C31075556&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=44890869%3A22859910411%2Cca-pub-3831894559014614-tag%2C442c7285-9bff-4435-aac6-7d5249177d41&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&adks=1775280552&sfv=1-0-40&prev_scp=ti%3D9ac25c31-c83e-4871-8e73-6d9182be28f2%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D85&eri=1&sc=1&cookie=ID%3D84f61950728fdcc5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A&gpic=UID%3D00000c345dd7b8d5%3AT%3D1687701505%3ART%3D1687701505%3AS%3DALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw&abxe=1&dt=1687701507545&lmt=1687701507&dlt=1687701504793&idt=478&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fupfilesurls.com%2FwbmWHW&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1523282048.1687701505&ga_sid=1687701505&ga_hid=1623688768&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYj4rllo8xSABSAghkEhkKCnB1YmNpZC5vcmcY2Yrllo8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGI-K5ZaPMUgAUgIIZBLCAQoIcnRiaG91c2USrAFseUJjUHhzTHhOTEh5TGdHUTFDNEUrN1pEUUJ3dnZXbC9VOEJMejhuQWtsNTF1b1VmMUY0N0ovUmZXV0lzb2h4d2NxTDZyK2FiQ3ltUVdSeWRENDExdVRpQStGRmJaMkt3RExCZUhRM28yQXFoWnc3M0l5SjVtRDJPQ1RCUTV4TUpGWTN0d05zWDhVZlhQcE9XQXFaT3V0aG5BbFRNNGZId0MrcXVmTnBzOGc9GKGL5ZaPMUgAEhkKCnVpZGFwaS5jb20Yj4rllo8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiMi-WWjzFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5205d82d1d2c123750422c2df49da8d9931d41350b9c27eb132f9b5a2811589d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLi4obK3v8CFQ65dwodMJAHRA&gqi=&layout=/sadbundle/%24csp%253Der3%24/16346139938887045070/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLi4obK3v8CFQ65dwodMJAHRA&gqi=&layout=/sadbundle/%24csp%253Der3%24/16346139938887045070/index.html
date: Sun, 25 Jun 2023 13:58:27 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50974
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upfilesurls.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52DE 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upfilesurls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:58:25 GMT
expires: Mon, 24 Jun 2024 13:58:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 102ms
101ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=upfilesurls.com_auto_728x90_sticky_display_bottom&pn=1&sn=3&pc=0.28424370288848877&ds=true&e=wdp&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:27 GMT
cf-cache-status: HIT
age: 762079
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9b77e013809-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=upfilesurls.com_auto_728x90_sticky_display_bottom&sy=08a752b0-1672-49e8-a59c-6a05fc74116c&ts=85&cd=2&pud=368&pus=c&pue=5306&pid=102&pis=c&pie=5431&ppd=495&pps=a&ppe=5825&pcl=5101&ttc=6253&tti=7766&ttif=0&lca=5825&lcak=ppe&lct=5825&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=upfilesurls.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=9ac25c31-c83e-4871-8e73-6d9182be28f2&e=lm&dsReferer=dXBmaWxlc3VybHMuY29tL3dibVdIVw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upfilesurls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H0WH535VZPRFR8SSXVB2WVS7
date: Sun, 25 Jun 2023 13:58:27 GMT
cf-cache-status: HIT
age: 762079
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "dfe0abe17839ba4f36623d3c9332b694-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7dcdb9b77e0e3809-FRA

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 151 KB
21 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html

Requested by

Host: upfilesurls.com
URL: https://upfilesurls.com/wbmWHW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 402556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21880
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 22:09:11 GMT
expires: Wed, 19 Jun 2024 22:09:11 GMT
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 52DE 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 18:49:13 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9231 143 B
384 B 33ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:55:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 52DE 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 52DE 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:19:38 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C7D5 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 25 Jun 2023 17:08:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C7D5 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 26 Jun 2023 01:47:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52DE 179 KB
56 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 13:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 13:58:27 GMT

GET
DATA 200
OK truncated
/ Frame 52DE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d1838923cc20962713034287f77088ad927999aa9747557e03473b4d12fcaa6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response
pagead2.googlesyndication.com/bg/ Frame C7D5 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 03:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14515
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 03:50:31 GMT

GET
H3 200 logo_klein.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 7 KB
3 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_klein.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:07:22 GMT
age: 57065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2963
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:07:22 GMT

GET
H3 200 logo_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 7 KB
3 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_01.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 09:52:23 GMT
age: 101164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3091
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 09:52:23 GMT

GET
H3 200 logo_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 7 KB
3 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_02.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 19:02:49 GMT
age: 413738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3091
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jun 2024 19:02:49 GMT

GET
H3 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 5 KB
2 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/cta.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:36:31 GMT
age: 55316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2056
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:36:31 GMT

GET
H3 200 logo_subline_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 5 KB
2 KB 20ms
18ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_02.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:07:22 GMT
age: 57065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:07:22 GMT

GET
H3 200 logo_subline_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 14 KB
4 KB 19ms
17ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_01.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 05:59:50 GMT
age: 115117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 05:59:50 GMT

GET
H3 200 widget_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 16 KB
5 KB 19ms
17ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_01.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:41:33 GMT
age: 55014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5538
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:41:33 GMT

GET
H3 200 widget_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 10 KB
4 KB 17ms
15ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_02.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Jun 2023 22:08:46 GMT
age: 143381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3871
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jun 2024 22:08:46 GMT

GET
H3 200 widget_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 12 KB
5 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_03.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:07:22 GMT
age: 57065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4654
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:07:22 GMT

GET
H3 200 widget_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 12 KB
4 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_04.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 15:22:06 GMT
age: 81381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4362
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 15:22:06 GMT

GET
H3 200 widget_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 18 KB
5 KB 15ms
13ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_05.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 00:55:58 GMT
age: 46949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5282
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Jun 2024 00:55:58 GMT

GET
H3 200 widget_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 16 KB
6 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_06.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Jun 2023 05:38:48 GMT
age: 29979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5815
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Jun 2024 05:38:48 GMT

GET
H3 200 form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 791 B
566 B 16ms
14ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/form.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:23:09 GMT
age: 56118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 527
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:23:09 GMT

GET
H3 200 color_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 851 B
529 B 22ms
20ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_01.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:07:22 GMT
age: 57065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:07:22 GMT

GET
H3 200 color_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 761 B
522 B 20ms
18ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_02.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:07:22 GMT
age: 57065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:07:22 GMT

GET
H3 200 color_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 797 B
519 B 20ms
19ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_03.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 22:40:32 GMT
age: 55075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:40:32 GMT

GET
H3 200 color_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 856 B
529 B 22ms
21ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_04.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 10:50:55 GMT
age: 97652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 10:50:55 GMT

GET
H3 200 color_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 692 B
494 B 22ms
20ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_05.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Jun 2023 22:03:46 GMT
age: 143681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 454
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Jun 2024 22:03:46 GMT

GET
H3 200 color_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame C7D5 692 B
495 B 21ms
19ms Image
image/svg+xml 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_06.svg

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 15:52:36 GMT
age: 79551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 455
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 15:52:36 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9231
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
310 B

15ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:58:27 GMT
expires: Sun, 25 Jun 2023 13:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 13:58:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 52DE 225 B
256 B 7ms
6ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: 8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 09:08:46 GMT
x-content-type-options: nosniff
server: cafe
age: 17381
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 26 Jun 2023 09:08:46 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 52DE 0
0 52ms
52ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfI8_A0iYZILVI47y3gOwoJ6gBP-Popxx7qTYm6YQg52M7qoJEAEglZvKIWCV-peCrAegAaXgjNwDyAEJqQI2xPCRH0eyPuACAKgDAcgDSKoE-gFP0E5GcVxAEa5PhGTnX3DIaf073oisa-RRtVwK6PMSgYG6TuYzJPAw3nlzEab3UBT7DSclJUyRwxhxqDjj4ENNV-yKp_yIu-rqFtnDZEAUPNMqo3s_vbJemABpPy-J_Te7pRr0qV9MItA00qZ1swZ-ksTzJW1MqlV-GaK_Mote6qQjxgmg0Ykh8OoMPzL9jfXJtvaqOooJ4OCqaKf5qHWfofQquST-u4w_hz02vIAZgNBkb7Y_XaskSFWVN9O3-wtZEpiL09hm2aumzxrRdHitwqR94DIue2FTjPmJNGO4hpwFviGnxIf4PbRz3x7JAu2LNtVbQfclMltewASQwIbtoATgBAGSBQQIBBgBkgUECAUYBKAGLoAHs5GrKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELq_BNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGiDAgqBgoEw7CxAtgTAtAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=yEEVwkKJiDE&uach_m=[UACH]&cid=CAQSPABygQiDvqdU88wBSZHFdopjLvQ0DQUDGPU6VGOPCFxiK2OohfaAovlMOa-vsDdXgm_d4cH6_ALkj6zbxhgB&template_id=419&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 52DE 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvD0FeAlVDJvBgJn1un4gMCHghh_ENa7PLHpKtOe2XxavjvuJ-_UC0TeejDtZhq3kQMrUWHki38I6-u33zB9SDSeWahftk9JKQhZohDqctdAIpWS8XiKyBqjDCKYD0hlBzc_gwnjyh3QPT5&sai=AMfl-YQvw51yjnJUXaxIIJ6gkMN65ihrw9ZxBowZM8fuDrBEU_S_HPEAKAHts0F_UsIltwcR-S5JYe8mYj_r_lcSChDfJgE9qSIkfOB3OHya50TbwO12I0XbId2pUvAp&sig=Cg0ArKJSzJ2KQX4CvB7-EAE&cid=CAQSPABygQiDvqdU88wBSZHFdopjLvQ0DQUDGPU6VGOPCFxiK2OohfaAovlMOa-vsDdXgm_d4cH6_ALkj6zbxhgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1775280552&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687701507751&rpt=166&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 13:58:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgn8yZs1yDLp3iQasSGxfjPOcHv9EoW58dKHYSKDYq5wPQaYJaUlS-zM_OtCpyfRyrq74ZC8vssP7oF1G8qAAvWL3zgn_tp1mJuZQ662m2EujiW-bI90rjV_cbL9m-ra_evUNTzbN0xVX_EvJzPpfMz0ztP3Q7iZrdrQB6ZmGlKG8jzoQ12_IyWjBX3x3YZBTrrHyzMYa7FPZMeV2Pp7UoPYkTNnVQFtEDleePWi1N8MswPZoYpd1XhsuVXwYbNEWBLQT8TRQ3mHEMCmNu7t4lwKEU4p6LUHkplznBOBfAl5VML3UOM1o6sIetWMAq7TVHjYeB_97_m-BWgklTJ3KbjDwT4Wsf6wZYzhrWIT1nfrQMi9c3r0q_HlgJwm7KQOKf7sPNl49TFBL2PR0&sai=AMfl-YQZMNpxSQZ_upGy4mWmwxagHwfiGYJKUEjSkZmqemi3MW6tyGK7AfqBgP32HZTLR50eVQAGNbXkYZvqIP8HOdjhs2wKbZlR7NvYlkKc_Nb_zeSVmVpyTfNVZeilePY&sig=Cg0ArKJSzDolkCLIwAUzEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2ztZwMYW_8peETdkOn4R77L6Lpgs_afUR4K8d-MuctnOaqreErDRaNRAMCL1mdzMIkV8-kvJNijJ6MBddlyiSUmqu3y_SRFxfgDcsJntA2o1nPnc1Y7MZ84UQMcCLCnNlTMmXHGz1eJ9Yb10Yhy2SeO9qYpCaZf3VB5WE-XnsppMsRz9nd-nJTawAEq8GEKQO8DoCbp7ui8cg7DCZkRf0E9Kj51igQIWjVNeoxzzZBKaoNSks8lo58yp3FSMx0T9V0rsVZFSdKqSNunsWEJaITXOfrf0zAqOABTAav9FMbqAc5n0rJTInCfX6ex6UGwwiNMm57Mb1OMt-gT2ihh1SF7aYCNjnD0jBGEvyZMfv2SXJMXU0kcmlPHGzbnX_qZYHxLRa5znGAHUiMw&sai=AMfl-YS8Tqo29L7_eDdx4CK7qxIc7Ko1vLlTLOn1TKowciBpHhMPsESBaidtRirvp0VXmGsmwspU6_JPM3LLHVl2HLpA27cI8C5rUP7zWpF81r4bT-PDtjUqwzgv62hF7Y4&sig=Cg0ArKJSzJ8KFOKlsVeZEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
upfiles.com/	1970-01-20 12:48:28	Name: XSRF-TOKEN Value: eyJpdiI6IlVnYVc0RHhQYTlXY3pOdVhyNWFsTkE9PSIsInZhbHVlIjoiSW1DYTM4MXhQYXgwSm1INGt5a3ZrcVR3N3RyYlRCbTdLMG9ZNFgxMTRWS1NVdGRmOVhhWGxJdzlndEdnQ2I4Mk5YRDVYRkQ5cW85YnFBOWE3a2RVOVNzYm9kL214Qjk0OXBILyt0SGFOY0VVblJ0SitSakxCRUlJQ0FDZXVjcDQiLCJtYWMiOiJjNDg1ODk5MzQ0MmRjMDFiNWIwNmMxZWRhM2Y4M2RlMDkwNGM5NzkzMmQxMmU4NGJkM2JkNzYyMDU3M2ZiODNkIiwidGFnIjoiIn0%3D
upfiles.com/	1970-01-20 12:48:28	Name: upfiles_session Value: eyJpdiI6ImdDbE1OYmxOQWhMU2hhZkJ5RU04UWc9PSIsInZhbHVlIjoiMUF1SzNnOHJxaVc3MVU2WkllSXZqZWF5UitjbGhVMzZiUExvbVRXV0EwUHpPODhNTDdDMnFDVzlDakp1SWtZd0F1VjdzZ2hSNFJkTHQ5dWdOTEgwM0JVK2lRMlVqQ3owcUE4RnJvVEViMGs3UXhJSnhqNUROcHJwMzA3YzZPck8iLCJtYWMiOiJmZTE3N2VmMGFhNzZkNzU1YjZjZTMwOTc0ZjU3NTMyZTFhMTIxOTc4ZWQyOGVjZDI4ODZiMmU4YjJkYTBkZTdlIiwidGFnIjoiIn0%3D
upfilesurls.com/	1969-12-31 23:59:59	Name: auth Value: eyJpdiI6IkdrNHJ6dWFaV3pBVmFJNFpzK2hLTWc9PSIsInZhbHVlIjoiUzVzWW1OTzNJNHhaQkxlWlIxZW1rZz09IiwibWFjIjoiZTk4ODU3MDUwMjE0YmUwMjg5NWMwNDkyOTkwMzg2ZDJlZjU1MTRiNzFkMzA1N2Y0NTUyMTJiYmYwM2MwNGM0ZCIsInRhZyI6IiJ9
upfilesurls.com/	1970-01-20 12:48:28	Name: XSRF-TOKEN Value: eyJpdiI6Im5SbGNkYmdMQUJhWm9lYWgyNVJEZ2c9PSIsInZhbHVlIjoiZkN4bUEvWWhqSEFkVTJuS2MzZDVxWGszT1ZtdjdRZWxOTDFIc2d6YUt5dFlUeUNibjRGbnFGdmZweXN1WU8xWjZEN0l2Y3JaazFKR3EzdmRJWkhBT243UURiTzdmSUhQYlM0N2NsTk54ZWJHVWhjd1lrUkM4QnpLOG5hSlFzQVUiLCJtYWMiOiI2NDVkMDFkODE1Y2I0NzIwZDcwMDliODJlZTkwZWMzZmU1MWVjZWRlODA3YTM4NTYzNDBiZTBmNDBlMDVmZGJhIiwidGFnIjoiIn0%3D
upfilesurls.com/	1970-01-20 12:48:28	Name: upfiles_session Value: eyJpdiI6ImRhR1ZaU0tGbmdOdkV4d3gxQkREaVE9PSIsInZhbHVlIjoiOEI4S1RjY0ZZUnV1MUdTMEZCSkhCS3hObm95TStkNTQ5dGduMnpxaXBKY05vMys0UVdWSkQ0NTJOOUtldUpKcFYrbmRzR1BUbTdVaE1UaGlFSUVuc0U0RGhzZ0dJNkxIeDZwbmRvdkptZkkyZVdXK0xWSjVCbDZTdUlKc0V0N1MiLCJtYWMiOiI2MTA0Yzg5OTM5YmQwNmExZTc2ZGIxNjc2NGEwMmE2OWFjMWU3NWRlMzI5NzYzODg2ZmE0YWNkNjQ5NzVmYjc2IiwidGFnIjoiIn0%3D
upfilesurls.com/	1969-12-31 23:59:59	Name: ab Value: 2
cschyogh.com/	1970-01-20 12:49:47	Name: GL_UI4 Value: eJw9jd1OhDAYRPln1QWdhAfwEWiBXW%2BND%2BElaekniwvtplSIb29joldzMjmTCYIgqh4RblmC%2BEt0eH458UbyliuSbcOajncNZ0oKdpYnfuYd7qa1d0LO5BIc1kVY17stwXEkTXYa%2BsEoKvDkrb%2Fmqs2uE6TSCq0KpIs35gK5tGZfyVYxEi0WQvZ2scZnuohPYxEz1nqetOewRmTWKi7vkb9PWvlheUTE6rLMAjzcZuE%2BjF36SWUh0tEKRQhfcRiEo9HYb%2BSK1qszN8DMqv%2F3f3%2FjndXIFG3T4M%2BNu5D9AWmMTYI%3D
cschyogh.com/	1970-01-20 12:49:47	Name: GL_GI10 Value: eJwtTj1PwzAUjJ8SQxFYPSk7%2BQOtGpWBzinQoUAnhmxPrikWxIlsF4l%2Fz0NiOt3pvoqioPoG5CeYdn2%2FbDeb5R%2Bs76BOoO0DyAZcPLk4cPiBiqCdaDGg2rmUHJQFHiOHz%2FdzzA0PzTP7AOUx33Jmy8PU7P3gszuCQsKsG%2BM0Rs6SnLQC5VGTzPv62gh2vbmCPkQ%2BnZ2sWFC7MpemNhpV1y%2FaldyxUtIv%2Fj3qozLzUqxfJVRC%2Bfp2eIHKQr4rUDrWhbnVs19yfDHq
.upfilesurls.com/	1970-01-20 12:48:23	Name: __cf_bm Value: VycusiIspeshoM7EVtZ7uPo6AnfsXjV32YJc7hYWAVc-1687701505-0-AZHXmED1zodhDsLr295wCaKEuhRcsZldVIa3MIMPCTm9w/8LZKsvzn0eB70+iTNNJA==
live.demand.supply/	1970-01-20 22:24:21	Name: demandSupplyTi Value: 9ac25c31-c83e-4871-8e73-6d9182be28f2
.demand.supply/	1970-01-20 12:48:23	Name: __cf_bm Value: OdkrCXtqKFhT9oLrkydRUjU.BIoJVgAAIU22XBXf8.o-1687701505-0-AdMU0PEi+i5Pqz/II5G/4/MwXzh8hG3fmkCThUAkAkmmgl1VsMvVO63yOet7GU8JI+OnLrx4ErXUaIP3ILxy2Ns=
.upfilesurls.com/	1970-01-20 12:49:47	Name: _gid Value: GA1.2.479652990.1687701505
.upfilesurls.com/	1970-01-20 12:48:21	Name: _gat_gtag_UA_197252557_1 Value: 1
.upfilesurls.com/	1970-01-20 22:24:21	Name: _ga_75C4L64NEB Value: GS1.1.1687701505.1.0.1687701505.0.0.0
.upfilesurls.com/	1970-01-20 22:24:21	Name: _ga Value: GA1.1.1523282048.1687701505
.criteo.com/	1970-01-20 22:09:57	Name: uid Value: 11845ca0-c812-45a7-a296-244739067bfb
.upfilesurls.com/	1970-01-20 22:09:57	Name: cto_bundle Value: 7Lowc19mR0JCYURubDlBWTlwT2hZZHAyQ1VVbmdUaCUyQiUyQld4UGJkM2xBempMNWNSYVcyVWxGJTJCTzF3cTVqYzJYOFJzZEkwMzFUbUxrZDN5S0FkNGVYTiUyRjVNVVA0a2pidERYREFsJTJCUnpXekVwVjNuRDYzRFJsaUU0JTJGRjlxTXpKRnUxQ05VR0tGQWxHSXBHc29JaFYlMkJRWXhkRzFiUSUzRCUzRA
.doubleclick.net/	1970-01-20 22:09:57	Name: IDE Value: AHWqTUmixW6btYR81ZKuY6iWNj9NVEdErdVGKv-TrttpxI6iW5xSPBaw-rD8wAxxt9k
.doubleclick.net/	1970-01-20 12:48:22	Name: test_cookie Value: CheckForPermission
.upfilesurls.com/	1970-01-20 22:09:57	Name: __gads Value: ID=84f61950728fdcc5:T=1687701505:RT=1687701505:S=ALNI_Mb78SDSajo2vbITyGViRXL9A-6C4A
.upfilesurls.com/	1970-01-20 22:09:57	Name: __gpi Value: UID=00000c345dd7b8d5:T=1687701505:RT=1687701505:S=ALNI_MaAPd0QQmJz9MsTLusnzSddUQwZfw
.doubleclick.net/	1970-01-20 12:48:25	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16346139938887045070/index.html".
javascript	warning	URL: https://upfilesurls.com/wbmWHW Message: The resource https://live.demand.supply/p4/v16-10-0/dXBmaWxlc3VybHMuY29tLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e59bef58cfb493ca1bbf9ba817466d1.safeframe.googlesyndication.com
adservice.google.com
asacdn.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdntechone.com
cschyogh.com
datatechone.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
upfiles.com
upfilesurls.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
youradexchange.com
securepubads.g.doubleclick.net
www.googletagservices.com
108.138.36.46
139.45.195.253
162.19.138.119
178.250.7.13
2001:4860:4802:32::178
2001:4860:4802:32::36
23.109.87.190
2600:9000:225b:c600:a:e047:753:be1
2606:4700:10::6816:3456
2606:4700:20::681a:98a
2606:4700:3030::6815:565
2606:4700:3031::6815:480c
2606:4700::6810:8516
2606:4700:e2::ac40:8b25
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:d::d
2a04:4e42:200::485
2a06:98c1:3121::3
34.96.70.87
35.190.39.111
99.80.64.147
0d1838923cc20962713034287f77088ad927999aa9747557e03473b4d12fcaa6
0ea343468d4f70cb161ceb6cfdfbc50a8d23b33cc39a9a1ea60be204bc39c39d
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1faae0f8f478a645d80f390a091d751027aa8f1abf6dfcba46191e298ed62f3d
2089a5256a870c3b4baaa42da8eceeb6ebd662d07fb2a897c00c8b8fe29eedfb
22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b2411d1842bd8fe96982593e4810c5effec398042f57e5f63c3192686223e3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082
33613d442dd3f6abef01c9bee884b9aa828f42820ee62da8b86ad5a9ea7f58f2
355402f0765aa42f5bd56db57fc2f93af8d826c6218c83d2ee14404debdedb42
387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392
3a6496c9ba51de9268160abd403069b72cbf8a70bec8c61f3df9f0fd119aa953
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea
3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043
42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
45c5876825cf27c94b1e0971ec8376ec88956d1a5ba72ad484a798848526f184
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
5205d82d1d2c123750422c2df49da8d9931d41350b9c27eb132f9b5a2811589d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57242f255f0bbf6ce623963c83d6212694af13c5e075b42ad1f54db7ff82894c
58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c
5d006ac6330b275580c20d0d0b58d644494ba6cd63f871288d15ce9202968458
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f402b53d80e27a61dd7f1a316749c1bc55b336872d462e09c15561f59c33a3a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f7d9eaabbfde4b1fe0a802ca35b9bc8ce06e6d585a0a10071c155c6bcab518
62d470ad1f870bc28185b4c1b25fa54270b67c42af16867b429e43cbe7537850
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
758519148bca76af1cfe30b12896dc40207967dd283a8aec6281588d07cb433a
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
85ddc392229d7f49fb8f025e702215240eaaa54f28b4a6b4975182c9db7b90ca
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8dd8d05118a2d083ee3b429fcaaf069ab9f1f79ee743d4546483be8873f7e16b
8e199b4acaba04f13ab3fcf9c95a4a26c3b6468462a5840365fbd3c3b780bd49
923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0
976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322
9d4c6510b9b5c317fc37ee5267406a507cb0437179d5847817af5f46afcd0325
9e77a8935e41b4ee544ec6312b5c155fa143740a3e6839d1fe2f246884145563
9f980609e1349b9d2934f84124a28ee78ce85651f4620ddf77f53391525f0d7f
a0d416e0d8c2f3cf85766fd36b0503061e67a485bc2130ad4559e7c1d9e75d82
a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6
ab6608273f8d3c48c4080e531a5f99a8365dac7245e362cdb57c59e024b20a94
ab96517554d166fa0fcb14d01f8930b4b7ffec6637bebdc42d7b389c72f6df77
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c
b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb
b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf
c4c635758a1a2f6419fa68cf838794027bbce0b3b725ddad92d6f70043af1500
c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141
c7fc5c1dcaab369b460b277e1095633fb4a3ad90932355b2543a45ed8a91ea4c
cb88589ff6e8312eb04ddeeba17adcdbc1790ccfaa9dbb0854a196473965460a
d0d7d65a05781a607c3ec02a62ec4e781e44423f04a3e2c046c93e5878c99d4b
d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d
dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f495563692eb81977dea50d6a3439778d73853af335dec0037ea6d78995eb2
e51161fcc5b2c4b90c3381e517152eb275d52a6c288954e502479d7421386240
e87e0991dcfaa2c7b015d284d8b5d872363eb52af458b63c8449351b4b24612f
ed02c56fa1309ff0c191fb46c9374aee10215584792ae70d90c0e3165d06a4ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f769a691ad614afe33ef302c42f99513243049536b3cd273135467e35870454d
f805775028682191c81ac336379aba3e622c0cf516c0b124d12cad24016b7b21
f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3
f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

upfilesurls.com Open in urlscan Pro 2606:4700:20::681a:98a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

96 %HTTPS

76 %IPv6

25 Domains

34 Subdomains

34 IPs

6 Countries

1577 kBTransfer

4579 kBSize

22 Cookies

12 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

upfilesurls.com Open in urlscan Pro
2606:4700:20::681a:98a Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

96 %
HTTPS

76 %
IPv6

25
Domains

34
Subdomains

34
IPs

6
Countries

1577 kB
Transfer

4579 kB
Size

22
Cookies

134 HTTP transactions
4 data transactions