filelu.com Open in urlscan Pro
104.26.5.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://filelu.com/znh9ad2t1zdu
Submission: On August 31 via manual (August 31st 2022, 6:33:49 am UTC) from DE — Scanned from AU

Summary HTTP 129 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 36 domains to perform 129 HTTP transactions. The main IP is 104.26.5.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is filelu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2022. Valid for: a year.

This is the only time filelu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	104.26.5.69 104.26.5.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
12	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
5	104.26.6.142 104.26.6.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.63.54 104.21.63.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.12.97 142.251.12.97	15169 (GOOGLE) (GOOGLE)
1	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
4	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
2	172.217.194.97 172.217.194.97	15169 (GOOGLE) (GOOGLE)
1	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
2	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
2	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
4	172.217.194.102 172.217.194.102	15169 (GOOGLE) (GOOGLE)
2	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
1	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
11	142.250.4.132 142.250.4.132	15169 (GOOGLE) (GOOGLE)
1	34.209.30.241 34.209.30.241	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
1 4	142.251.10.106 142.251.10.106	15169 (GOOGLE) (GOOGLE)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.120.135.53 34.120.135.53	15169 (GOOGLE) (GOOGLE)
2	104.16.120.195 104.16.120.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	124.146.215.47 124.146.215.47	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	13.224.250.50 13.224.250.50	16509 (AMAZON-02) (AMAZON-02)
2 2	13.227.254.100 13.227.254.100	16509 (AMAZON-02) (AMAZON-02)
2	172.253.118.95 172.253.118.95	() ()
3	74.125.24.94 74.125.24.94	() ()
129	32

26 104.26.5.69 (United States)

ASN13335 (CLOUDFLARENET, US)

filelu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.194.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.26.6.142 (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

oaphoace.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.63.54 (None, )

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

chart.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.106 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.120.195 (None, )

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.47 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-50.sin52.r.cloudfront.net

cr-p3.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.100 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-100.sin52.r.cloudfront.net

cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.95 (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.94 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	filelu.com filelu.com	255 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	349 KB
16	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	237 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3064 google-bidout-d.openx.net — Cisco Umbrella Rank: 2947 us-u.openx.net — Cisco Umbrella Rank: 399 jp-u.openx.net — Cisco Umbrella Rank: 9434	2 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
6	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 334 www.google-analytics.com — Cisco Umbrella Rank: 45	18 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 361	109 KB
5	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 77141	122 KB
3	gstatic.com www.gstatic.com	15 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 371	2 KB
3	googleapis.com chart.googleapis.com — Cisco Umbrella Rank: 21233 fonts.googleapis.com	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	215 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	94 KB
2	ladsp.com 2 redirects cr-pall.ladsp.com — Cisco Umbrella Rank: 3699	1 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 407	7 KB
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 6857	392 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 631	141 KB
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 6689	25 KB
2	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 91302	957 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	87 KB
1	ladsp.jp 1 redirects cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525	224 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1000	853 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3290	8 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3504	904 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	16 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	693 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 941	5 KB
1	oaphoace.net oaphoace.net — Cisco Umbrella Rank: 150394	357 B
0	yandex.ru Failed an.yandex.ru Failed
0	inmobi.com Failed sync.inmobi.com Failed
0	3lift.com Failed eb2.3lift.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	googletagservices.com Failed www.googletagservices.com Failed
129	36

	Domain	Requested by
26	filelu.com	filelu.com
11	tpc.googlesyndication.com	pagead2.googlesyndication.com filelu.com tpc.googlesyndication.com 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	filelu.com pagead2.googlesyndication.com tpc.googlesyndication.com 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	filelu.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com filelu.com
5	protagcdn.com	filelu.com protagcdn.com
4	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
4	www.google.com	1 redirects filelu.com tpc.googlesyndication.com 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com
3	www.gstatic.com	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
3	match.adsrvr.org	3 redirects
3	www.googletagmanager.com	filelu.com www.googletagmanager.com
3	cdnjs.cloudflare.com	filelu.com cdnjs.cloudflare.com
2	fonts.googleapis.com	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
2	cr-pall.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	pre.glotgrx.com
2	static.xx.fbcdn.net	www.facebook.com
2	oajs.openx.net	1 redirects
2	pixel.yabidos.com	protagcdn.com pixel.yabidos.com
2	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.com.au	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	ssl.google-analytics.com	filelu.com
2	connect.facebook.net	filelu.com connect.facebook.net
1	cr-p3.ladsp.jp	1 redirects
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	chart.googleapis.com	filelu.com
1	use.fontawesome.com	filelu.com
1	oaphoace.net	filelu.com
0	an.yandex.ru Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
0	sync.inmobi.com Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
0	eb2.3lift.com Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
0	sync.srv.stackadapt.com Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
0	pr-bh.ybp.yahoo.com Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
0	a.tribalfusion.com Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
0	www.googletagservices.com Failed	156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
129	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
protagcdn.com
t.me
www.reddit.com
web.whatsapp.com
www.pinterest.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-16` - `2023-04-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.protagcdn.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
oaphoace.net R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://filelu.com/znh9ad2t1zdu
Frame ID: 4415DF24B19CB5EDF4258FB9ABD00263
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 583786691EA23E93096D703B1AFDEE73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2736668317404366&output=html&adk=1812271804&adf=3025194257&lmt=1661927622&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661927620405&bpp=929&bdt=825&idt=1682&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2628638801627&frm=20&pv=2&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069218&oid=2&pvsid=221103372424996&tmod=373562574&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1700
Frame ID: 2A221F3DC80FF7E6CBFCAC2AA6705DCC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2736668317404366&output=html&h=280&slotname=9428671726&adk=2557676952&adf=1823596959&pi=t.ma~as.9428671726&w=1120&fwrn=4&fwrnh=100&lmt=1661927622&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661927621344&bpp=7&bdt=1764&idt=765&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2628638801627&frm=20&pv=1&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069218&oid=2&pvsid=221103372424996&tmod=373562574&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ooPrPQpaQY&p=https%3A//filelu.com&dtd=770
Frame ID: BE9050DA9AF0F3FE7E184C7B47C729F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2736668317404366&output=html&h=280&slotname=9424582466&adk=474998563&adf=2498035131&pi=t.ma~as.9424582466&w=980&fwrn=4&fwrnh=100&lmt=1661927622&rafmt=1&psa=1&format=980x280&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661927622450&bpp=14&bdt=2870&idt=14&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=2628638801627&frm=20&pv=1&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069218&oid=2&pvsid=221103372424996&tmod=373562574&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ritbegIlV7&p=https%3A//filelu.com&dtd=18
Frame ID: 743B7DB258F537F3EB2F24EB8A04A253
Requests: 1 HTTP requests in this frame

Frame: https://filelu.com/fileinfo/docx.html
Frame ID: D80B9C9624DBD0C9B7137B304A3407AC
Requests: 1 HTTP requests in this frame

Frame: https://filelu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661918400
Frame ID: 083F67F3D345BB3F5F5A33480B054CE8
Requests: 3 HTTP requests in this frame

Frame: https://protagcdn.com/check-bot/index.html
Frame ID: F5C88D106CCF9421DE0D6E339A7BBBC9
Requests: 1 HTTP requests in this frame

Frame: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FA2616FF65631A46A41699A906CA608
Requests: 1 HTTP requests in this frame

Frame: https://protagcdn.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661918400
Frame ID: 159F1D3064E8ACD0D9F33EA7BEC0F57E
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe3ac3d6591ea8%26domain%3Dfilelu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffilelu.com%252Ffdeebada95c16%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffilelucom&layout=box_count&locale=en_US&sdk=joey&share=false&size=small&width=28
Frame ID: 1FD7CAA0DDA72691FCE9095BC8674436
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: FBBD503010E01BE23A88A2C1FD83C242
Requests: 13 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=filelu.com&s=filelu.com&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336
Frame ID: 26A002337370AA195F1115938F6595D3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7458F2723DC8EB015F48BCAC07BAAF75
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 358B2A4A4148FE7FB4010F80F3427904
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=filelu.com
Frame ID: 45EE6EC3A605E08C7C70C5E8C408F980
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BEE8D80800B879D4EBD3890B2DF88FEA
Requests: 6 HTTP requests in this frame

Frame: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 761C80B8C61FD7D0B5C63E897CB15FDB
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AD7A89F3BD035A26CF1F32A0C59132CE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 731C6C0E3146058A3BEF1F538DC17391
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Viking Axes and Swords docx - 14 KB

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129
Requests

89 %
HTTPS

0 %
IPv6

36
Domains

46
Subdomains

32
IPs

5
Countries

1724 kB
Transfer

4845 kB
Size

28
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/filelucom

Search URL Search Domain Scan URL

URL: https://twitter.com/Filelu_com

Search URL Search Domain Scan URL

URL: https://protagcdn.com/r/adplus/?utm_source=filelu.com&utm_medium=banner_ad&utm_campaign=logo_click
Title: Ad.Plus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://file.lu/d/13Hp

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://file.lu/d/13Hp

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://file.lu/d/13Hp

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://file.lu/d/13Hp

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=https://file.lu/d/13Hp

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://file.lu/d/13Hp

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://filelu.com/znh9ad2t1zdu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://oajs.openx.net/esp?url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&rid=esp&cc=1

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://match.adsrvr.org/track/cmf/openx?oxid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cdcc5892-1030-41f2-9692-65ea219e15a6&ttd_puid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0&gdpr_consent=

Request Chain 95

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yw8AysCo8X0AAHIS1t0AAAAA

Request Chain 96

https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Acl9ujvZ344Hks8ADsd_uRgRn88AAAGC8psYLQ

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN06QVwm4YEsEnDf2eySOwg&google_cver=1

Request Chain 122

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP8yLZKsE7ueMBdEztwPCbk&google_cver=1&google_push=AehlK4CzuAOTLYpPAMJlxjw3AJ8IKInpXYfTKT5ZotLuSoBnpZDYLtSVy9QfGRCX3547Gsnxb4uPnizhaKmoXfDGSV-ooxcx1JTtAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Y2RjYzU4OTItMTAzMC00MWYyLTk2OTItNjVlYTIxOWUxNWE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=cdcc5892-1030-41f2-9692-65ea219e15a6

129 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request znh9ad2t1zdu Show response
filelu.com/ 190 KB
60 KB 2479ms
2279ms Document
text/html 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

750a4e6696214cfd2031b006420f37eebc61423b40bba2e41bfc40cf39d86be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7433bc586c80fe99-MEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 06:33:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 30 Aug 2022 06:33:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSV8pGUM2%2BQOPgtWlrGiMZKZITyZn8mpS0VQn1BrBeBeMNKGn7rFsK8eDJdPDTQs69FR8k26tRkeRKCPqEsb5HDsZ0jWRXLpD1Xs9OpkMU2XCtbC%2FtpUFg1quBE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 540ms
193ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

fb6a0bbe92423e25430dc3c39248b7fac9baab4a4287312ac02b5fbac00342d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57351
x-xss-protection: 0
server: cafe
etag: 254006030837692356
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 06:33:40 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 518ms
171ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

sffe /

Resource Hash

e39205bb00318514e8691ed9b0b03cd78664511554fd0b2216dc41b511c0eed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28565
x-xss-protection: 0
server: sffe
etag: "1319 / 287 of 1000 / last-modified: 1661897301"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 31 Aug 2022 06:33:40 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/filelu.com/ 335 KB
98 KB 967ms
776ms Script
application/javascript 104.26.6.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/filelu.com/site.js
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2376f1ca88d8e017aa73da8be90f875323c4ce590a17143931f494a846f9d498

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=343578
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 20 Dec 2021 14:40:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niyiAP%2Bn9yTUgNQCgt2SszGn6X%2B3pwrfled9KasjT2vwGe1XWGPcXExteXRg8dfybx3nBoSJL36yFMUxQ2xIMcatuF622cIAoqAMTpFUh8jXAGbYQqzv4faIZwifZIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7433bc72cd555aa8-MEL
expires: Wed, 31 Aug 2022 07:03:42 GMT

GET
H2 204 5336107 Show response
oaphoace.net/401/ 0
357 B 1053ms
348ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oaphoace.net/401/5336107

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: f14a78ddcbee02193aca40fdd923716e
pragma: no-cache
date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 bootstrap.css
filelu.com/css/ 117 KB
20 KB 1092ms
1086ms Stylesheet
text/css 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/css/bootstrap.css

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af5234873fe6e9715ce0e8bc1b9916a219c9b3d114b6b5c345547a13ab1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=144318
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 22 Jan 2022 04:21:00 GMT
server: cloudflare
etag: W/"233be-5d624100ce300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzS9CrF4ptdga%2BcCnpLRslWdhVD8zi6tkWBxYamYg81Y4yTn3JcPc%2BuJB1GnGUqjWCZUbsqvLnQ550lbYmpevzykB5jMWsSLJV2TPgPr6fBmkfxoVSK7AtHQuwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaee2fe99-MEL
cf-bgj: minify

GET
H2 200 style1.css
filelu.com/css/ 75 KB
14 KB 1087ms
1080ms Stylesheet
text/css 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/css/style1.css

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965295e19a52ff860d7d3dabc0124eabb3fa3b9e9d76da946a4b04d0947e179b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=100249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 03:26:21 GMT
server: cloudflare
etag: W/"18799-5e6676dc1f140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ2LvHcsMGUT4%2FrjiRNADnIOOq4LMcrvbqfjJfKM2ByIrPQGA2C6pk77QfWEUpjGXUjgEjk1hPSgwWCtP9cY3rbOo01CyCgxaeV2h9286J080pYIYcwZOvjEA2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaee9fe99-MEL
cf-bgj: minify

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 281ms
98ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1151651
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjeNC88TkWUduoCCZ2yiJitELS4AFXYQR1l2PJMYxn8LZRZbCXWcMvep71m7QfGvi9fAnBhrP51xTUPSi6Fi%2F0zfnVtom6Yx7QECZRs2B4oXs2lSyv%2F5X9oh0OJrSIhae0AiZ2X%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7433bc6bca3d5abc-MEL
expires: Mon, 21 Aug 2023 06:33:40 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.6.3/css/ 66 KB
10 KB 854ms
671ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.6.3/css/all.css

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e71ae16087213b71765c34db3d87fe6bb1fb23a51d33c44922c6e5c1275077

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9848
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-10738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdXaa8G1IgB7ylEHP%2BodvhcsUIXdUCbadLTTcJorpQdayrR7cR9X7sElF0JXaSguugyVfx3faYZCV0HYGDQZmCtk5hOm8b8za0B%2B7k76LJ8yNCqNiMGUMpWIhUiWIIZPRYWrBCJE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7433bc6bca3e5abc-MEL
expires: Mon, 21 Aug 2023 06:33:41 GMT

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.1.1/css/ 26 KB
5 KB 295ms
106ms Stylesheet
text/css 104.21.63.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12802568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SMPETJD9P7XD5JS1
x-amz-id-2: q/Dkb+hV3D03NhiWG4JERtFoZYMdiwLReQJyCvp3bPmFn45RWmwJ9yoiTyF0yU5p9ymIyfK42e0=
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
server: cloudflare
etag: W/"01727b5056f65c2ac938f5db4e552b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZObQWPHGK%2BDtxkm7co5hRR%2FCvjCds0VPf8hvCfZp0ol2bkJ1%2B6Z8CCwsqe5AqVTYivNmk15aXWhfSX8CQxUx%2B%2BSLGeKnZI7KL%2F%2BwDpPmSW43n9lL7vacMMAWiRNNr%2F4laLQwCKl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7433bc6bc80d17ca-MEL

GET
H2 200 checkboxamenu.min.css
filelu.com/css/ 1 KB
771 B 1093ms
1088ms Stylesheet
text/css 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/css/checkboxamenu.min.css

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1409a591c1d605f023893e8577f99d1ca3c3759733a55d86518a8689dbfd2c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 04:23:04 GMT
server: cloudflare
etag: W/"5f2-5e434f5091a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSKuPg4pVdeSFU0j5EQrwWwpYnGC9J1CRvhXCgQXqhCBAY9KKLplKc701QC7yBcdDLvoW8uRIpvJJOsRm09hywra7keyiku97qXJwA8i4DTgpBOd%2BAKeeEgjyLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaeebfe99-MEL

GET
H2 200 jquery.paging.js Show response
filelu.com/js/ 5 KB
2 KB 1091ms
1086ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/jquery.paging.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=19364
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 22:54:30 GMT
server: cloudflare
etag: W/"4ba4-5e5eaee7f9580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Je9NecUmj6w2mfElY9iogvnycGsz6SohT3ImT1RRaiwlxf93flUeI3cw1XrsCW2q%2BHszaz3o6Oq%2F3UhOimOcW1Bcvy1oCgWsnHRfJ37YjlRg3lthYa%2Fo0Grag%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaeeefe99-MEL
cf-bgj: minify

GET
H2 200 paging.js Show response
filelu.com/js/ 1 KB
860 B 1104ms
1099ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/paging.js?r=1

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Aug 2022 07:57:08 GMT
server: cloudflare
etag: W/"757-5e5ca476c7d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONPTyE%2FGJCA29%2FqyQ3V1zcxhIghXNGPoUEocOKlN4xzfPGnkhUQhlHQX%2FtDUlF4IPeLHEOFuS0DjXB4PGVAeEFs8TMkkr7JZ9L3igJ%2FW0mjfVQ7NUsslWFVZfWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaeeffe99-MEL
cf-bgj: minify

GET
H3 200 jquery.cookie.js Show response
filelu.com/js/ 2 KB
1 KB 1264ms
1260ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/jquery.cookie.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3121
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 28 Oct 2020 21:38:00 GMT
server: cloudflare
etag: W/"c31-5b2c1fa389e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0Qqzev90GDNN4YNqFa4bgTnfHsDy3%2Fhckn09GaczuWzphbscfeNdfWaG28rZ5uYTf9ZbpTtaeT0AwBioZ5PsXtiOHMAoHSSLlhCEeEbjlHk9sCP3crChbH4gYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc719ab5df28-MEL
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 533ms
184ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-20S72BHN7V

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

8cfc0e6e92e8fd92ebbe0f6b373f8cff7dabe9e360ddbc470b1fb81d9f7af366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72977
x-xss-protection: 0
expires: Wed, 31 Aug 2022 06:33:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 820ms
471ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YWJJW1GM8R

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

dfb04b1e28e18315d65a0079165c77c506ea319565a8e7ba672ccdbf44c09888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72986
x-xss-protection: 0
expires: Wed, 31 Aug 2022 06:33:41 GMT

GET
H2 200 upload-chunked.js Show response
filelu.com/js/ 7 KB
3 KB 1096ms
1092ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/upload-chunked.js?f

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d92dcd1f2122340f07cb71b2fd9674dc587ca9931f8d9b1434c4e35145675b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Feb 2022 02:29:35 GMT
server: cloudflare
etag: W/"2856-5d7a0b89401c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FRGeP0%2F6bmZuH%2Fj7pCMr1zoFlizaGy%2B%2F3HdBPFbVZ6WhARk9CQPrr3BVLouQAhxv8oBFCjJHgu0xtKGihID1WEdIv0NMqphZAfvNVB3MW663pNyT5p1QhnqIeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaef0fe99-MEL
cf-bgj: minify

GET
H2 200 dragndrop.js Show response
filelu.com/js/ 812 B
752 B 1086ms
1083ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/dragndrop.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d883a7a53b5f1c29c6fc0610278e980052e0d7b5b33c82d76fd69722c2414b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1170
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Sep 2018 16:41:40 GMT
server: cloudflare
etag: W/"492-5753690b4b900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr819518WjL4e6Ge5MldA9KI853O4wJtzmVwYeVWBuxp%2By3c6EHYWUJDY1spF3kKRzztfAO1d%2FKT%2Be0qB75r%2Fype2%2Bj1QbRM3zo7biFMCqIvhDbvvbCwSoTZ%2B9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaef2fe99-MEL
cf-bgj: minify

GET
H2 200 multiselector1.js Show response
filelu.com/js/ 5 KB
2 KB 1094ms
1091ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/multiselector1.js?r=5

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156bd7cc6cd754ca14e6783550cb2592a9550196dd9fa8f2c722085cde5298f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 19 Apr 2022 22:23:02 GMT
server: cloudflare
etag: W/"1ab5-5dd0951e59d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jnVFiQbMrHYVtSupQ1ouNYSoZVZFpCzueJ6Vr9%2B3D8yIqHkt%2FTDOTtRLkAPCg1FIdyINpupCNrA93zuRkz2yyko%2BJgtxAN8zGMHvktwlCaiy8fMezGF7mf1kdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaef4fe99-MEL
cf-bgj: minify

GET
H2 200 mis.js Show response
filelu.com/js/ 212 B
440 B 1085ms
1082ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/mis.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147fc0423529f792d30c6f4eaf00ebb7f7ae719d2abf7a90add87c0e97790743

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=289
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 May 2022 15:38:23 GMT
server: cloudflare
etag: W/"121-5de1d4c88b9c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5UbGctRHZiOUKK16I9XEvnW%2FszsLtlEOSXDdMMq8lfqyuWn%2BD2RLclF6IzdiUExBnLu7TMU8HWcB0kpX6LWR9cmRJsAOP%2BCFE%2B56AeQT63%2BlMWjkD5iXX2Ga7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc6aaef5fe99-MEL
cf-bgj: minify

GET
H3 200 cloud100.png
filelu.com/images/ 3 KB
4 KB 1086ms
1082ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/cloud100.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aff077b0ed0110022945a078db50f530a7c618cc28574cd94e0fe0b6c36af0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4338
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3064
last-modified: Wed, 06 Jan 2021 03:51:09 GMT
server: cloudflare
etag: "10f2-5b8333bc28540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4ZczxA1Xd9YfugUvB6%2FUJimeu9ux2I1MfxHqKLsfe8is105gm9HqLmeCZoWaMPTqbEtwPfKjUzeyLiWc4ij1hSdjpe%2F%2BHqroMdNDAzdWDmWXpnNMwHN1WmCNkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719abadf28-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 logo406100.png
filelu.com/images/ 6 KB
6 KB 1088ms
1084ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/logo406100.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd6adc3332598dc8fa19b97ebd1a9bf76c77631476b78e5ecd66222743c7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7341
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5829
last-modified: Wed, 13 Jan 2021 20:16:15 GMT
server: cloudflare
etag: "1cad-5b8cdcfa421c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YT6bnrMlxNcVq2p9xI2%2FYwIHb3tPhoErlTlI2u2OFQbtxc8NZ%2FKk1daUxB%2F8p09wyWz90V%2FEKi6Lkduy0LpU9tVfJUAHHwQQZ1SPmZ4z400cI536wZ5%2Fmbamwkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719abbdf28-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 countdown.js Show response
filelu.com/js/ 484 B
844 B 1099ms
1098ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/js/countdown.js?rand=dfgfg

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c8b1ff1f38e8c5e7ad80fc75f225610ec3a9a6d3319516785d79336f82d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Sep 2018 16:41:40 GMT
server: cloudflare
etag: W/"272-5753690b4b900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzYXSxEG%2F6c6ffdHzeP20nCcJl6jM%2BD7caROItmEsaxMXsxJ5VL7tiYUWU0ww5yjeSx5dQq02dIEUj4uH4GVgNURfpwME9xXoC7Mfpybbi%2Ba1P%2BllkDh1GPlLk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1800
cf-ray: 7433bc717a9bdf28-MEL
cf-bgj: minify

GET
H3 200 docx-128.png
filelu.com/images/icon/ 10 KB
10 KB 1264ms
1260ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/icon/docx-128.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90330fc1764b24e386fd996eddeb79d6468dc845cc7bbaa5f0b0184cd037a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10158
last-modified: Fri, 27 Aug 2021 20:08:11 GMT
server: cloudflare
etag: "27ae-5ca900aeda0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqXvphxd3cy28qaosQXVDEAuFPk4Ljx0%2F1WsU2L9fpCk778vaUdu85rfxaB3rn4t60a93ZEymQrN%2BdKoTgrf%2FUdB%2BYWd7e7TsfexuFBfZ1hxHIExlcJQuDRICPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719abcdf28-MEL

GET
H3 200 ico_down.png
filelu.com/images/ 255 B
862 B 1265ms
1261ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/ico_down.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5211a382edbdc5735bcef4a602013024eacec74802285bfe83e19f6b90a7b921

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=381
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 255
last-modified: Thu, 06 Sep 2018 16:41:40 GMT
server: cloudflare
etag: "17d-5753690b4b900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYwdw8T72p4yi4AIws4Fa11NdrM2sMwWPDOMSXzDvwNTadVOb2wjks9hxk11I534fgweO%2FkCcjwya25cjroQyW4plyYyWo%2FWccD8IPWb4%2B%2B6dDZciM4EJtrQyl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719abedf28-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 chart
chart.googleapis.com/ 855 B
1 KB 530ms
179ms Image
image/png 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?cht=qr&chl=https://filelu.com/znh9ad2t1zdu&chs=150x150&choe=UTF-8&chld=L|2

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

70427ec237de1ed281521c356bb2f40343e73da7141b18a60371dae02c6b79ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 855
x-xss-protection: 1; mode=block
expires: Thu, 01 Sep 2022 06:33:41 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 527ms
188ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2736668317404366

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

931a805c5b43432bd082dceff6a119116dbfa78feb634d77b39152c49836034e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Origin: https://filelu.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57324
x-xss-protection: 0
server: cafe
etag: 4091010072255845488
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 06:33:41 GMT

GET
H3 200 email-decode.min.js Show response
filelu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 93ms
93ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:02:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6304b3db-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FZqSLLNK7Dj7cUhTv9OBr677cJn9OExjf2EhwRoTQyT1tI0j9OG60eg9SlL65UFSJkQc0lUBzrwkVH0FooXUc2qEKhSVVTf%2Bd94O9vijsO1NGVPt3ZH04A%2FR%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7433bc718aacdf28-MEL
expires: Fri, 02 Sep 2022 06:33:41 GMT

GET
H3 200 up.png
filelu.com/images/ 3 KB
3 KB 1088ms
1084ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/up.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a268be434ede86fecd757217883d463c53ffbb37f0ca510ffd0fc6ee96c574

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3506
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2918
last-modified: Thu, 14 Oct 2021 03:14:42 GMT
server: cloudflare
etag: "db2-5ce477acfec80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxE2OWXPkR4lXZSfPueoZDrW5nhl%2BA%2B7z7Ck%2FqVedjSVKv0lJfyp5qHJOcwNoQcUDPzEW12%2FdcPtsF8z0OVQsTyGsVgbs8mYORrMkkJOzalx%2B6yrrba5w2tisV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719abfdf28-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 sharef.png
filelu.com/images/ 3 KB
4 KB 1265ms
1261ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/sharef.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

687503387bf1c30e1eec2ea6ac746145f45d3c73334f4ff8d8aa6802e62f9f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4182
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3450
last-modified: Tue, 01 Sep 2020 19:45:36 GMT
server: cloudflare
etag: "1056-5ae45c34af800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjhcS8%2FtM6F9YaGHHZHolHS0JuNeWYAz8nlljwbSHRmHDdE9iY3vNPfIYJdQhSR1RMPNOSOo8qRFVBZF0oQHXj953y8XO7ShOklOHY5reg8LN%2B%2BPOAu0oEQp04o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719ac1df28-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 earnf.png
filelu.com/images/ 4 KB
4 KB 1265ms
1261ms Image
image/png 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filelu.com/images/earnf.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb99026b90af877590e560588f22379d2950b8bc0521726a6d4ab3ec05d6b351

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/znh9ad2t1zdu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4362
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3694
last-modified: Tue, 03 May 2022 22:58:31 GMT
server: cloudflare
etag: "110a-5de237292d3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq4Sv3Spmjk3wFJoKjovIS8S8dAiPlJ20aW%2F%2Fstj%2FIxLhnJdyjYQR5zY6sY%2F7%2BsCLPQyKj9pO3ILTz9BPsEnTTpyphggJgZVza%2FqUwo6TE5IqW33pYjgaoMMpNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc719ac2df28-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 522ms
171ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

f45ffda5f1836f646b4a942f55d6c3f7f4d28e0dc88236a677913875059787d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://filelu.com/
Origin: https://filelu.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LtZnKFC/pikG9jLiyaOxtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: iZ5iX9uQctIzqDF1hGHu4xZb71wkaB+FRxzdJv+M1jMAlNnf3jfMrbWE5LJPsEmXmtS0/Q33hUKm2UYUwgZqfQ==
x-fb-trip-id: 548340344
x-fb-content-md5: 57d372b273810ba79e8ceb55b1b711c9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 31 Aug 2022 06:33:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ef5cd4e32214490f5d4e46feb9021ad8"
timing-allow-origin: *
expires: Wed, 31 Aug 2022 06:48:47 GMT

GET
H2 200 pubads_impl_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 471ms
169ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

sffe /

Resource Hash

4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Aug 2023 11:03:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 112 B
115 B 509ms
171ms XHR
application/json 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=filelu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

6b0708fbfd750df7c457e523328dbf6560bdc829cc99c0cc148c274d813c9433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 06:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Wed, 31 Aug 2022 06:33:40 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/ 343 KB
121 KB 501ms
198ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

81087eac5ba9c2eee42e40d7be5359ce66d619f09a6400a707f228bc7b7b1198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123678
x-xss-protection: 0
server: cafe
etag: 10977503231771336790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 06:33:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 5837 10 KB
5 KB 172ms
171ms Document
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 25381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 23:30:39 GMT
etag: 8616628553774171045
expires: Tue, 13 Sep 2022 23:30:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 511ms
168ms Script
text/javascript 172.217.194.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f97.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1525
date: Wed, 31 Aug 2022 06:08:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 31 Aug 2022 08:08:16 GMT

GET
H3 200 OpenSans-Regular.woff
filelu.com/font/ 66 KB
67 KB 1154ms
1154ms Font
font/woff 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/font/OpenSans-Regular.woff

Requested by

Host: filelu.com
URL: https://filelu.com/css/style1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://filelu.com/css/style1.css
Origin: https://filelu.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67528
last-modified: Thu, 06 Sep 2018 16:41:40 GMT
server: cloudflare
etag: "107c8-5753690b4b900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqRmTdRZ0xYDHr5TWN1CBUT9hMoySQGd7%2Fwwt0whFa7jHMBsE92z3cnr8juVel2jhyMUiN3iATyoc%2FobO26ZSk1EuQCuydPyDMSTShrNmkqGvhWCyX6mrbtDCCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc71badcdf28-MEL

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 470ms
168ms Image
image/gif 172.217.194.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=632356290&utmhn=filelu.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Viking%20Axes%20and%20Swords%20docx%20-%2014%20KB&utmhid=464623156&utmr=-&utmp=%2Fznh9ad2t1zdu&utmht=1661927621900&utmac=UA-169642122-1&utmcc=__utma%3D99342729.1285931803.1661927622.1661927622.1661927622.1%3B%2B__utmz%3D99342729.1661927622.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1594947593&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f97.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
693 B 521ms
174ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=filelu.com&callback=_gfp_s_&client=ca-pub-2736668317404366&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

dce0c146fdf869be3263b707bedb25e486bc710487fcab69c285f532ab7d6e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 519ms
174ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=filelu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 517ms
174ms Script
application/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=filelu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A22 12 KB
5 KB 269ms
268ms Document
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2736668317404366&output=html&adk=1812271804&adf=3025194257&lmt=1661927622&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661927620405&bpp=929&bdt=825&idt=1682&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2628638801627&frm=20&pv=2&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069218&oid=2&pvsid=221103372424996&tmod=373562574&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

2b193beda4aabb7502d6efe78385c0d4afacd5a0e956779f42880b767b4df5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4747
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:42 GMT
expires: Wed, 31 Aug 2022 06:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE90 436 B
236 B 257ms
257ms Document
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2736668317404366&output=html&h=280&slotname=9428671726&adk=2557676952&adf=1823596959&pi=t.ma~as.9428671726&w=1120&fwrn=4&fwrnh=100&lmt=1661927622&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661927621344&bpp=7&bdt=1764&idt=765&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2628638801627&frm=20&pv=1&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069218&oid=2&pvsid=221103372424996&tmod=373562574&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ooPrPQpaQY&p=https%3A//filelu.com&dtd=770

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

ea4d52307cc82807322f628e3e9eb83d0ed3d202f6fcc34d2e9064eb40e15c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:42 GMT
expires: Wed, 31 Aug 2022 06:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
334 B 513ms
170ms Ping
text/plain 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-20S72BHN7V&gtm=2oe8t0&_p=464623156&cid=1285931803.1661927622&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661927622&sct=1&seg=0&dl=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&dt=Download%20Viking%20Axes%20and%20Swords%20docx%20-%2014%20KB&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20S72BHN7V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://filelu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 482ms
181ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YWJJW1GM8R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20S72BHN7V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

bb2c045b9b80649bc825dc710101fe608a3a8f134428d30e4d318739c25c38e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72970
x-xss-protection: 0
expires: Wed, 31 Aug 2022 06:33:42 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 485ms
171ms Ping
text/plain 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YWJJW1GM8R&gtm=2oe8t0&_p=464623156&cid=1285931803.1661927622&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661927622&sct=1&seg=0&dl=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&dt=Download%20Viking%20Axes%20and%20Swords%20docx%20-%2014%20KB&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YWJJW1GM8R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://filelu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.6.3/webfonts/ 77 KB
78 KB 185ms
95ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.6.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.6.3/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f51e2643a16f1154d148aa0e87f674ec5233f4dced02e9c123ad789eed147be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.6.3/css/all.css
Origin: https://filelu.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12662843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79212
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1356c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEEI10vIUvm%2FL8V1af8XydUI%2Bgph3dI8xw8mCOhsoIyBICJsx26MJK94HqpqvnOBfmRan6XuRsELKLvXTStY022egDa1E4ivmaYUXaSrM25l3nO3MWvlAKmrFdjMdsEtJHhWCNtq"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7433bc7928433775-MEL
expires: Mon, 21 Aug 2023 06:33:42 GMT

GET
H3 200 glyphicons-halflings-regular.woff2
filelu.com/font/ 23 KB
23 KB 1099ms
1099ms Font
font/woff2 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/font/glyphicons-halflings-regular.woff2

Requested by

Host: filelu.com
URL: https://filelu.com/css/bootstrap.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://filelu.com/css/bootstrap.css
Origin: https://filelu.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:43 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23424
last-modified: Fri, 22 Jan 2021 20:47:03 GMT
server: cloudflare
etag: "5b80-5b9834a5cbfc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgrYZjWxFyq6GfOqI3HFw3VQrrnkDf2iVpWTlPRYLkCX%2BaE5Q8JXBOl4L104Bdprz%2Ftnnco6t2T0libzDSXUhTne1%2BvvCHrDTKtwTinGi1JRMspH0%2F%2BcDyTECOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7433bc789d04df28-MEL

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 743B 436 B
237 B 238ms
238ms Document
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2736668317404366&output=html&h=280&slotname=9424582466&adk=474998563&adf=2498035131&pi=t.ma~as.9424582466&w=980&fwrn=4&fwrnh=100&lmt=1661927622&rafmt=1&psa=1&format=980x280&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661927622450&bpp=14&bdt=2870&idt=14&shv=r20220829&mjsv=m202208290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=2628638801627&frm=20&pv=1&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069218&oid=2&pvsid=221103372424996&tmod=373562574&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ritbegIlV7&p=https%3A//filelu.com&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

b90aee4cd0ad8ee508f79c6e6320f3846b8954313ae45d28f6821cc8f26f5c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:42 GMT
expires: Wed, 31 Aug 2022 06:33:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 docx.html Show response
filelu.com/fileinfo/ Frame D80B 316 B
714 B 1078ms
1078ms Document
text/html 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/fileinfo/docx.html

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf5a15e00c6e4ba1ee809bbac8fa1a2ab8af4fc3a89c0022ca0b3300bce1c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://filelu.com/znh9ad2t1zdu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7433bc78ed71df28-MEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 06:33:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 30 Jun 2021 04:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKXhv65ODxqKShzPaOkeIsnw%2F1OjkRcZn2EwHZqmMAMF7LNMH5ITbYT%2Bi%2BJLN7g3ifuSPK%2FiAwHQCWenat04KKinDb%2Bx8gHa9jVbJWRV3RuYNMc3D2cYONW3PjU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 344ms
170ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1ee423414137f19fdee6147e0c6b4e4e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

215a75b719c9eab3ff9d2433a62120056a7d5cbe7f3b10258cc2b82109dda590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://filelu.com/
Origin: https://filelu.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TjaDo+lYfJek4CXBygpsmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86512
x-fb-rlafr: 0
x-fb-debug: Zbc1UJDxWphTbDMvazhfplUxOkcoWKUoBUUvTuFz+ekmMncyV/865upxc1EaSInOJzQVeIMNNDdbEDCyYJb4TA==
x-fb-content-md5: c6d1dc8a1080bfd489e894a66526f639
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 31 Aug 2022 06:33:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e57d37eb3c0a6156069bf8c831704b2d"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Aug 2023 04:51:37 GMT

GET
H3 200 invisible.js Show response
filelu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 083F 41 KB
15 KB 169ms
169ms Script
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661918400

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7684c57c06df116d6c0634a10669b4b619f1cee821ec94ce983b0da286d36b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBsGd3GMG1aYThb9EndrojgGvJ3mupCGzNbIzSW3%2FWrRLKQ%2FA7iLj%2FptvrJGrOLbp7811ait8Dpz4Jo%2FyKZUKCxllxVoWL8vQfnmKbOr3DeM6lsfOji1eX2tfAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7433bc78fd7ddf28-MEL
vary: accept-encoding

GET
H3 200 index.html Show response
protagcdn.com/check-bot/ Frame F5C8 2 KB
1 KB 625ms
445ms Document
text/html 104.26.6.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/check-bot/index.html
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/filelu.com/site.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d53e6a549bc1912ed779d9e7553712e29280d7a8187fde8ed4341eedd5934f6f

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7433bc7a1f625aac-MEL
content-encoding: br
content-type: text/html
date: Wed, 31 Aug 2022 06:33:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 12 Jan 1980 05:00:00 GMT
last-modified: Tue, 31 Aug 2021 15:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeVHIyLeOuj%2BWF7%2BjZ4a4n1J9ArHhdsBiRjZKdXyWz5XS1XiagaeEY8YLvZKicoq1aKFF%2BCiXR40cWmj7DW5uS9KfGUhNtM3r2FNWto09xGUul9BSZeuGzXYCnQgsSM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
14 KB 1440ms
1440ms XHR
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=221103372424996&correlator=2852108116392810&eid=31068498%2C31069104%2C31069258%2C31068528&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=162717810%3A22663786011%2Cfilelu.com%2Cbefore_content%2Csticky-bottom&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C970x90%7C728x90&ifi=4&adks=3017979563%2C957145188&sfv=1-0-38&fsapi=false&prev_scp=env%3Dprod%26site%3Dfilelu.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Ffilelu.com%252Fznh9ad2t1zdu%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D19%26protag_minutes%3D33%26protag_hours%3D06%26protag_day%3D3%26protag_native%3Dnative%26protag_client%3Dglobal_new_client%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dfilelu.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Ffilelu.com%252Fznh9ad2t1zdu%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D19%26protag_minutes%3D33%26protag_hours%3D06%26protag_day%3D3%26protag_client%3Dglobal_new_client%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom&sc=1&cookie_enabled=1&abxe=1&dt=1661927622547&lmt=1661927622&dlt=1661927619580&idt=2548&adxs=566%2C-9&adys=126%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&frm=20&vis=1&psz=1600x0%7C0x-1&msz=1600x0%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

5b3076378c41157061292143a6b0fd9f5f3b72cbd94103c382fa03b096c7ec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13986
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://filelu.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FA2 6 KB
4 KB 524ms
173ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:42 GMT
expires: Thu, 31 Aug 2023 06:33:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pica.js
filelu.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 083F 21 KB
8 KB 97ms
96ms Other
application/javascript 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6def139b766d2be8833c707031f22dafbd6a4230a11a52dc8677c2cab2a21a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHSOvxEo76Uey0hVM5Q5hJnol7Mab1c2tdzHikSWF1HxKn60RrA%2FbX6V8Aes9%2B4l3iYC1fN5yT%2BIxQDv7CBoFCNE0%2FfiRkn5XHo9ic76HpG0ArBq23DYjRIOmI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7433bc7a1f21df28-MEL
vary: accept-encoding

POST
H3 200 7433bc586c80fe99 Show response
filelu.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 083F 2 B
753 B 125ms
121ms XHR
text/plain 104.26.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://filelu.com/cdn-cgi/challenge-platform/h/b/cv/result/7433bc586c80fe99

Requested by

Host: filelu.com
URL: https://filelu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661918400

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 06:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhOC%2BqqNJWdbiHfsTdXi%2FxdrZWaxEzKAg0Hsn6Q1U%2FPNudzt28fHQ9eyXanvT2IDg7kCiyp6wSu81%2BhgddzirKxJxAq0Ycbc%2F73MUia4M4RSj9BNyR2xHJwL49w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7433bc7d2b3edf28-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
protagcdn.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 159F 41 KB
15 KB 98ms
97ms Script
application/javascript 104.26.6.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661918400
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7684c57c06df116d6c0634a10669b4b619f1cee821ec94ce983b0da286d36b58

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RQf5y4Itj79vxcmyoGJERPcimvu01RbghzdPvKt%2BxTPnFlYNxLVo5%2FxWOvhZzh1HGozNO50sNRNyUowyg3HmCH8vOb7NI2nRDVSwWmuiEcRNHkskGJTVGakZph3ek4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7433bc7d6e805aac-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
protagcdn.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 159F 19 KB
7 KB 102ms
101ms Other
application/javascript 104.26.6.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebad97c485cf551ee3c3171a81f497ad4ce44fc5f1f966333441e694094f32a4

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKNuRl3orJKauVpP51p8jJiVRbNeVnIBpzRhrLDSnd%2F1VhSBsJKbLVLp3CGBzr%2F%2BP3Vndt97b1NTcyssmX9824qhpZIuG4wlEMwJ%2BMAfD6PqeaNixNwGnU3u3FO4LzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7433bc7e99475aac-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 179ms
178ms XHR
application/json 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

6f9575294996c04de499d110023f5ee4b94944069db55fe96bfd7fd61ba59d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 06:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11198
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v9.0/plugins/ Frame 1FD7 35 KB
16 KB 809ms
461ms Document
text/html 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe3ac3d6591ea8%26domain%3Dfilelu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffilelu.com%252Ffdeebada95c16%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffilelucom&layout=box_count&locale=en_US&sdk=joey&share=false&size=small&width=28

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1ee423414137f19fdee6147e0c6b4e4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

0e8c6006e59acfa2d92376ad6f64c354dfe170fc4cf214e5c415159f7a3e3ec3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 31 Aug 2022 06:33:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ErvJO2lYQq/YA2suq0lEq5M4YXdsx76oWgcpth5lm07DjvzqWqPjvkRwJ5O2l/UiEWw5uQFe87t8NEd6zLkYKQ==
x-fb-rlafr: 0
x-xss-protection: 0

POST
H3 200 7433bc7a1f625aac Show response
protagcdn.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 159F 2 B
722 B 115ms
112ms XHR
text/plain 104.26.6.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/b/cv/result/7433bc7a1f625aac
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661918400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.6.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 06:33:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDdp%2FVa%2B5UPOD6if4kKIuJRCCpAWejswAQEqulXvL8SXj33VOHHb6f0ZrGfPTIgvXrWmjcKjoiNwMWxVHzWdQhKTeqclTORxGFanda8BsYBvdp7Fpy0UR7zoMgHR81w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7433bc813eff5aac-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 753ms
413ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208290101/show_ads_impl_fy2021.js?bust=31069218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 06:33:44 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 767ms
253ms Script
application/javascript 34.209.30.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
cache-control: public, max-age=86400
last-modified: Tue, 30 Aug 2022 21:33:52 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 268ms
87ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 21:57:35 GMT
content-encoding: gzip
age: 2018169
x-guploader-uploadid: ADPycdsSc74OmZ62STed-LfeHx3ZHsns03BgrTUhBSZTy6RPw8wouovK3vurNM6IGoAoZ-29f0nBn5OjuzB9iOYjH_chp34qanBj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 07 Aug 2023 21:57:35 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 689ms
341ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:09 GMT
server: nginx
etag: W/"63041db1-9dbd"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Sep 2022 06:33:44 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame FBBD 221 KB
61 KB 516ms
170ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 124011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Mon, 29 Aug 2022 20:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 29 Aug 2023 20:06:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame FBBD 14 KB
5 KB 803ms
458ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 513279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Thu, 25 Aug 2022 07:59:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 25 Aug 2023 07:59:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame FBBD 94 KB
28 KB 828ms
483ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Tue, 30 Aug 2022 01:01:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 30 Aug 2023 01:01:50 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame FBBD 5 KB
2 KB 819ms
474ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 553591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Wed, 24 Aug 2022 20:47:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Aug 2023 20:47:13 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame FBBD 40 KB
13 KB 901ms
556ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 237478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Sun, 28 Aug 2022 12:35:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 28 Aug 2023 12:35:46 GMT

GET
DATA 200
OK truncated
/ Frame FBBD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19c91f6856970414288eb0e9a840e50e179819ca47e2f8fc885c4732d8e043bc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1159041325368047756
tpc.googlesyndication.com/simgad/ Frame FBBD 38 KB
39 KB 337ms
182ms Image
image/png 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1159041325368047756?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmErxRTmok2RWd6gdVYzQaRe3lQOQ

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

0dace9b53446c415277abd2be4e70866a2ce84122274b1b7e306f02259391604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 21:56:32 GMT
x-content-type-options: nosniff
age: 31032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39417
x-xss-protection: 0
last-modified: Mon, 30 May 2022 18:57:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 21:56:32 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FBBD 3 KB
3 KB 327ms
172ms Image
image/png 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:54:02 GMT
x-content-type-options: nosniff
server: cafe
age: 81582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 31 Aug 2022 07:54:02 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FBBD 344 B
807 B 307ms
171ms Image
image/png 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:24:56 GMT
x-content-type-options: nosniff
server: cafe
age: 72528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 31 Aug 2022 10:24:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FBBD 0
0 566ms
221ms Image
text/html 142.251.10.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrqloG35mkNPpzzfZUtQoHbQpeuXxiYuVHS_VaIrA1nZWZL4viyhqDDd0SGd6u8EUUmu1OCCevF8ATRpxbsGzZOizuCw
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FBBD 0
0 185ms
184ms Image
text/html 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COfMVxgAPY9bhKdqo9QOHv4noBN2WlYhs7_Op9csQppOoia0wEAEgktjfSmClwKOApAGgAbyD170ByAECqQLr7zzdvzqxPuACAKgDAcgDCKoE5QFP0MUDys3rhnvJxgQEBB-Lc1R99SSLCYBkauDso707jTgehT9RFmcigjWgoiyfkr8-9HfQPpn__SwuU7Z77mTRkakIo066pVA4oaTRy4N5wUn2QvgJ5pM-6QyELoTSm1DlCjZmJxhcxHhXaZ3twAUYjyoDZIyFbLbxSRD8zn7HKB-inKh920V7Jzpa_FimCq13fYcM18F7dIpXc9jobZKukFmZB_jocMGY896l45bMcb54VGM8UgTCl5PknyVzvfvXv0ArO7fXbXYBRG0eD1_H37ksxgtmg8_Jx0WSmS4Y4GBRszjnwATex5WK9QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHrPyowgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC5o1vSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjM5MzMyMDY0NTA1NTAyMhiymCo&sigh=ZkdUGuL3UvA&uach_m=[UACH]
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 26A0 2 KB
1 KB 311ms
126ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=filelu.com&s=filelu.com&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/filelu.com/site.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:48 GMT
server: cloudflare
age: 2397
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7433bc83bc325aa4-MEL
content-length: 1168
expires: Wed, 31 Aug 2022 08:33:44 GMT

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&rid=esp&cc=1

85 B
103 B

363ms
273ms

Fetch
application/json

34.120.135.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&rid=esp&cc=1
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 3a6a80d2011e85e3e1c85099517398ad57cb0d70dfbaee5653b22c7ef585ec38

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
via: 1.1 google
etag: W/"55-vAQQUtXM553mtFpNVuUFiuvxBQo"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://filelu.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 31 Aug 2022 06:33:44 GMT
via: 1.1 google
access-control-allow-origin: https://filelu.com
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 26A0 31 KB
24 KB 103ms
103ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1661927624355&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=a09rruso0xrl&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=filelu.com&s=filelu.com&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=280&w=336
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:48 GMT
server: cloudflare
age: 6856
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7433bc848ddd5aa4-MEL
content-length: 24217
expires: Wed, 31 Aug 2022 08:33:44 GMT

GET
H2 200 -vzBdBV5eDl.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yo/l/en_US/ Frame 1FD7 536 KB
140 KB 172ms
171ms XHR
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yo/l/en_US/-vzBdBV5eDl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe3ac3d6591ea8%26domain%3Dfilelu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffilelu.com%252Ffdeebada95c16%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffilelucom&layout=box_count&locale=en_US&sdk=joey&share=false&size=small&width=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

82e04a82bd61abf99a4691e152fec8ff1a4059fde9a7cfc3a8cfa5b4d82b8acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EgOv0cSrSGVuKV3HquebkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142951
x-fb-rlafr: 0
x-fb-debug: YeLNGZ4JqYuf+5VK2J+3DFATuatgN7+JILUptNWwiI8HP3VGOG1SG2FlDC38oCBbuOfxKw91MOBoXZi2KbM3Lg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 30 Aug 2023 20:20:40 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 1FD7 299 B
724 B 517ms
171ms Image
image/png 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: scJ1jT69IsizmjH7NxSLAljEHz0qhe/qgnqewhHNLuAlbBqYU2vxDJB1AkcDEsbsDMr0Qk6MZDHuG0vtsWmzxw==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 27 Aug 2023 19:15:57 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 26A0 26 B
304 B 296ms
98ms Image
image/gif 104.16.120.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1661927624502&rnd=a09rruso0xrl&ifm=2&uai=2&cid=1069&s=filelu.com&p=filelu.com&x=4404325371&adtg=protag-before_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.120.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:39 GMT
server: cloudflare
age: 4701
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7433bc86dc1c5a67-MEL
content-length: 26
expires: Wed, 31 Aug 2022 08:33:44 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 26A0 26 B
88 B 298ms
100ms Image
image/gif 104.16.120.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1661927624488109&ver=1.2r81&qid=73533313f553633313f593630313&p=filelu.com&s=filelu.com&x=4404325371&cid=1069&od1=&od2=&adtg=protag-before_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=a09rruso0xrl&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=336&h=280&lat=&lon=&ci=&1=6c47f21b1a604968adcb1eb2f7b68c9c&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-10-s-fl-10-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-21-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=23
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.120.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:44 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:39 GMT
server: cloudflare
age: 4700
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7433bc86dc1e5a67-MEL
content-length: 26
expires: Wed, 31 Aug 2022 08:33:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 178ms
178ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=221103372424996&vrg=2022083001&nw_id=162717810%5C%2C22663786011&nslots=3&eid=31068498%2C31069104%2C31069258%2C31068528%2C676982961&pub_url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&qid=CNbc3uy68PkCFVpUfQodh18CTQ&iu=%2F162717810%2C22663786011%2Ffilelu.com%2Fbefore_content&e=0&ret=336x280&req=468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250&bm=0&efh=1&stk=0&ifi=5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7458 13 KB
5 KB 473ms
171ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 55843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 15:03:02 GMT
expires: Wed, 30 Aug 2023 15:03:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 358B 783 B
1001 B 475ms
174ms Document
text/html 142.251.10.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f106.1e100.net

Software

GSE /

Resource Hash

16a9a3ed5be29b1e3939e805264770ac1f4cb77594367abdcacf2c4459becd6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-87uAIkSYbGrX_hMqvvFakg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-87uAIkSYbGrX_hMqvvFakg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:45 GMT
expires: Wed, 31 Aug 2022 06:33:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 45EE 15 KB
6 KB 516ms
172ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=filelu.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

f6252faa0a83ae1e8e0d08a2810dba4bcf1ebfc800e7ea68c5e798f96fa05044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:44 GMT
server-processing-duration-in-ticks: 2399
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame FBBD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

178ms
177ms

Image
text/html

74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: filelu.com
URL: https://filelu.com/znh9ad2t1zdu
Protocol: H3
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 31 Aug 2022 06:33:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame BEE8 483 B
733 B 357ms
177ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8cce93b7dbfc35ca8b5a3e307df0b72842b10d7659c8b80c906f9bb46751506f

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 306
content-type: text/html
date: Wed, 31 Aug 2022 06:33:45 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 358B 0
0 175ms
175ms Image
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=221103372424996&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7458 36 KB
15 KB 175ms
175ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kgODt4LT3wRHpfZf-cCV6tHK-CEpZ0phJKiXjce9MW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

sffe /

Resource Hash

920383b782d3df0447a5f65ff9c095ead1caf82129674a6124a8978dc7bd316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:13:58 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 45EE 441 B
539 B 174ms
173ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=filelu.com&sn=ChromeSyncframe&so=0&topUrl=filelu.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=filelu.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

ca63b5b3065d43c38877a596f1c9e59869d52266ca55d37f6e886673125b280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=filelu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4598
strict-transport-security: max-age=31536000; preload;
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7458 0
10 B 169ms
168ms Image
text/plain 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bUxK-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame BEE8
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cdcc5892-1030-41f2-9692-65ea219e15a6&ttd_puid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0&gdpr_consent=

43 B
62 B

266ms
175ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cdcc5892-1030-41f2-9692-65ea219e15a6&ttd_puid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cdcc5892-1030-41f2-9692-65ea219e15a6&ttd_puid=6b6f0e90-a1a5-7102-fb2d-379a1ef12ab5&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame BEE8
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yw8AysCo8X0AAHIS1t0AAAAA

43 B
106 B

179ms
176ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yw8AysCo8X0AAHIS1t0AAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 34
Date: Wed, 31 Aug 2022 06:33:46 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":34,"gdpr":false,"ipv4":"103.209.254.58","key":"Yw8AysCo8X0AAHIS1t0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad290"}
X-SO-Ads-Time: 2
X-SO-Key: Yw8AysCo8X0AAHIS1t0AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad290
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yw8AysCo8X0AAHIS1t0AAAAA
Cache-Control: private
X-SO-HostName: m-ad290.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng25.dc4p.scaleout.jp
X-SO-IP: 103.209.254.58

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame BEE8
Redirect Chain

https://cr-p3.ladsp.jp/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Acl9ujvZ344Hks8ADsd_uRgRn88AAAGC8psYLQ

43 B
61 B

175ms
174ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Acl9ujvZ344Hks8ADsd_uRgRn88AAAGC8psYLQ
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:46 GMT
via: 1.1 bf37a08a8e52d3968f35ae1bb4eaae78.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Acl9ujvZ344Hks8ADsd_uRgRn88AAAGC8psYLQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: XT11H4c04nKK8j8LmdZ2XMJt752ndoMvYEa5sJOkThas3jm7f9HKXQ==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BEE8 170 B
243 B 178ms
177ms Image
image/png 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDcwMGRkNWEtNjhkMi0yZmE2LWVlY2QtNmQyM2Q0MTNlNGQ1

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BEE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN06QVwm4YEsEnDf2eySOwg&google_cver=1

43 B
180 B

178ms
177ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN06QVwm4YEsEnDf2eySOwg&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN06QVwm4YEsEnDf2eySOwg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 177ms
177ms Image
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=221103372424996&bg=!w8ClwITNAAaXrHhMt6w7ACkAdvg8WkmviVMahkJVJ3fm84dTbhxUsQP-bNKO1qtAmULKinWraWvi4QIAAABNUgAAAAFoAQeZAqAwTzC2oLrGMLxs27biLa_HQGUbUXmCzgWy01IhV7wY8t1tMTQ7croKQRMVTu_agdD9kgjBNcu-ikMOMBx7KRNDO_txIp3nlra20KgNxYsKHabZTe6LFpEwdh4hsJe53ru9b6oIH6Ns4UIn0erLJYJyIZVNiGAwwlH55mYmYTW8D5GF7wf62PfYuSyQuDAjqkJdTYXBgnAt30NIIN5m_jZqde6WB_FJQhSCdT8yiUhXrY-4gsZw7aj1NTJg1q82lJelP0yOsxv6485tetGwi9PyNYp9C1AjlxrGMW9IU1rpulLNa3UDjePuxBQM8TLXX4Z_HaDYm4LEssUakodDAanOST-ijiTlJ8fNiTnFqWnHYKsneoS-jgDYWNNSJR4xAXgxklMbwcS7168yifyR_N4ug-n1OYU7eg87Y6gLW2u9xlkHr1QxKLiVV-ORaqGzLWjWEqESfWjLMbq7DXwE5F4T_NhanYZ74_YE2zhNno8Ow7bCPrPWKvVwtTOei7bZWB6tB1szxL8n3QIdH0Acf8X4HFvqz4MlF2N5VNcbO-a7qvxbP9YzTYtjfFN_-8_ODKrHtKEESHn_dILlwhxvja3g66cZz4wru3mugPuFxfimwtljLnT2F3kjaxAgENeQOlXgdpLDicrPDiobKP04eDFfo58BxaXVgsAkbeHJozEnrrR8YT-auqpq-lix2cq4qqCFlxeo26IMg84n8ceAmkXx9_8mm9H9z3m2Jiy6DOHmP1CmBdr_ZO1u3b62QqlrTDRsR1CvSQ-NZPXOxzVKUiLxvd0I6Ud6C8aY9uZWnfdpM00Xy5_u_AwncR7venpNwyBPlRICIXjTaQOkRAv-CU1NtGYqRwQ6PxoN9mAPuUMx1jNdyLwg40Q5X9wUr4ZuheE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FBBD 42 B
64 B 183ms
183ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPI5STJQpq9jB8hGTTDM071lNMpCrNZoLnDNMLHNvu_F021_8nFKCdO8sFoHY7WY4M68hJXTHSkLh1Blh5OF1ScxrbuWgXsTi7EIDJARzFVdJ8CzFcd6u0fDnfcuZtPX08-t8&sai=AMfl-YS5EvJTBGjhCoGfduyxRZzUy19NG5OP4WiWcxSDKm7JOyWZwl4E6k3Ws9diGof9hW-7l66Lgj1Mpjp-Ub_-Vfx7X9pLGBXccNCVpNk-PmlLn_EI28j8olOxZ0XN&sig=Cg0ArKJSzDdacdztdPIbEAE&cid=CAASFeRo3rPAhIPWTy-FjpqgbcwWvF_Hpg&id=ampim&o=632,126&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=931&tls=1931&g=100&h=100&tt=1931&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 471ms
169ms Ping
text/plain 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-20S72BHN7V&gtm=2oe8t0&_p=464623156&cid=1285931803.1661927622&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661927622&sct=1&seg=0&dl=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&dt=Download%20Viking%20Axes%20and%20Swords%20docx%20-%2014%20KB&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20S72BHN7V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://filelu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 470ms
169ms Ping
text/plain 172.217.194.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YWJJW1GM8R&gtm=2oe8t0&_p=464623156&cid=1285931803.1661927622&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661927622&sct=1&seg=0&dl=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&dt=Download%20Viking%20Axes%20and%20Swords%20docx%20-%2014%20KB&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YWJJW1GM8R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://filelu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 473ms
172ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=filelu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 06:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 474ms
173ms Script
application/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=filelu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 06:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 136 KB
41 KB 556ms
556ms XHR
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=221103372424996&correlator=2852108116392810&eid=31068498%2C31069104%2C31069258%2C31068528%2C676982961&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=162717810%3A22663786011%2Cfilelu.com%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=672062541&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=env%3Dprod%26site%3Dfilelu.com%26referrer%3D-%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Ffilelu.com%252Fznh9ad2t1zdu%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D19%26protag_minutes%3D33%26protag_hours%3D06%26protag_day%3D3%26protag_client%3Dglobal_new_client%26protag_interstitial%3Dinterstitial%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-interstitial&sc=1&cookie=ID%3Df80bc04c6e528001%3AT%3D1661927622%3AS%3DALNI_MYSNpl0glIUvLNBIUAJF1GiMmeFQw&gpic=UID%3D0000094c42bb3bab%3AT%3D1661927622%3ART%3D1661927622%3AS%3DALNI_MYHYpd_o5JuLYCKzOQBVP_aKqFbqg&abxe=1&dt=1661927627531&lmt=1661927627&dlt=1661927619580&idt=2548&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ffilelu.com%2Fznh9ad2t1zdu&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1285931803.1661927622&ga_sid=1661927622&ga_hid=464623156&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYw6DslK8wSABSAghqEj4KBW9wZW54EixleUpwSWpvaWRVMU5lSGxSWjJsVWRsZG9LeTg1ZVdWMFdWcFRRVDA5SW4wPRiQo-yUrzBIAA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

aba824f9a41bb87a9112bc4bb98e74b7066bb945f34132c2ffd0b3b1037aea91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42396
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://filelu.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 174ms
174ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022083001.js?cb=31069258

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

sffe /

Resource Hash

e452e427426a73874dc18f54731b508406883dd902393dc5e393625ab22fd574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://filelu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Aug 2023 11:05:27 GMT

GET
H2 200 container.html Show response
156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 761C 6 KB
3 KB 473ms
172ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js?cb=31069258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://filelu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:33:42 GMT
expires: Thu, 31 Aug 2023 06:33:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 761C 4 KB
1 KB 511ms
171ms Stylesheet
text/css 172.253.118.95

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 06:11:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 06:33:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 06:33:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AD7A 8 KB
966 B 497ms
172ms Stylesheet
text/css 172.253.118.95

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 06:10:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 06:33:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 06:33:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame AD7A 2 KB
902 B 169ms
169ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 05:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 05:56:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame AD7A 23 KB
9 KB 169ms
169ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 06:29:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame AD7A 3 KB
1 KB 233ms
231ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 06:30:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame AD7A 17 KB
7 KB 173ms
171ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 06:24:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AD7A 0
0 221ms
219ms Image
text/html 142.251.10.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4yj9UdZAiFethLg1Ly0WsaFTq0fIydnlmynUDsik4M4MiwaqtPPvzvzgRhxy9hw8Y1iA1LXpckiV-AGTdWlddneJ3iQ
Requested by: Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f106.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD7A 0
0

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame AD7A 33 KB
14 KB 510ms
170ms Script
text/javascript 74.125.24.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 08:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 08:06:26 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/ Frame 761C 19 KB
8 KB 196ms
196ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8311
x-xss-protection: 0
server: cafe
etag: 13410161823615325117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 06:29:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 761C 205 B
519 B 546ms
211ms Image
image/png 74.125.24.94

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 02:32:46 GMT
x-content-type-options: nosniff
age: 14463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 31 Aug 2023 02:32:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 761C 604 B
696 B 546ms
211ms Image
image/png 74.125.24.94

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 13:14:06 GMT
x-content-type-options: nosniff
age: 407983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Aug 2023 13:14:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 731C 1 KB
749 B 174ms
174ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 45113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 18:01:56 GMT
etag: 48472445140208031
expires: Wed, 31 Aug 2022 18:01:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET i.match
a.tribalfusion.com/ Frame 731C 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 731C
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP8yLZKsE7ueMBdEztwPCbk&google_cver=1&google_push=AehlK4CzuAOTLYpPAMJlxjw3AJ8IKInpXYfTKT5ZotLuSoBnpZDYLtSVy9QfGRCX3547Gsnxb4uPnizhaKmoXfDGSV...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Y2RjYzU4OTItMTAzMC00MWYyLTk2OTItNjVlYTIxOWUxNWE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=cdcc5892-1030-41f2-9692-65ea219e15a6

170 B
188 B

179ms
179ms

Image
image/png

172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Y2RjYzU4OTItMTAzMC00MWYyLTk2OTItNjVlYTIxOWUxNWE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=cdcc5892-1030-41f2-9692-65ea219e15a6

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 06:33:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=Y2RjYzU4OTItMTAzMC00MWYyLTk2OTItNjVlYTIxOWUxNWE2&google_push&gdpr=0&gdpr_consent=&ttd_tdid=cdcc5892-1030-41f2-9692-65ea219e15a6
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 423

GET adx
pr-bh.ybp.yahoo.com/sync/ Frame 731C 0
0

GET sync
sync.srv.stackadapt.com/ Frame 731C 0
0

GET ebda
eb2.3lift.com/ Frame 731C 0
0

GET gob
sync.inmobi.com/ Frame 731C 0
0

GET CAESEMwHksbtnEq1M1vDopK3xIs
an.yandex.ru/mapuid/google/ Frame 731C 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 731C 0
12 B 179ms
178ms Image
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jk5pcigMuqVuff1HehKgIcZxe_zBAQX2W-85dGCQJpcUG4jytHDtFp6k3ERlCXm2i8P4KEqhA

Requested by

Host: 156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
URL: https://156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:33:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEASbY1JMHjS9KOFm98MKFzc&google_cver=1&google_push=AehlK4DPfzHF2NwIVWWYyS97r2dGlv6duA8bJDzLcSoxl2gS7KI--vIYyZ7kEQaX4OhD-mrzIaN53oRq6ZvqrxXeSPbSJH9mnJUHXA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4DPfzHF2NwIVWWYyS97r2dGlv6duA8bJDzLcSoxl2gS7KI--vIYyZ7kEQaX4OhD-mrzIaN53oRq6ZvqrxXeSPbSJH9mnJUHXA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHzxXTy-xGTxYOjH1ta10qc&google_cver=1&google_push=AehlK4DwqprYelGcyvxpSkv1eguPXjXg_gdjQccn7wmvPFrdNrK4uoiQg4_P5VAeadjjd2QTmCf6zv13P6yGVoqQ7UZB840-iu6lPQ

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOtizsIe0Shmrj0JVSOS3eI&google_cver=1&google_push=AehlK4COsZsmVrgIkqOV_efm9uSD9lUOrsA3ql1GOGXm1jEDtgaCK7ZZ5D-KEFgBj0nVfFwRiphPwSayKcd04QpBy7rWAow6qqW0xQ

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJHna6h6bE3CF9voCTyA3HM&google_cver=1&google_push=AehlK4CGVQUyysonaEXhTNNtX5-YZ3XETdUGC_HizqWHqFlhc5el_zy2IJY2dnaRicBtNzj-QZwxlGw9ynry9qwLnf-e4Y6JK6A5

Domain: sync.inmobi.com
URL: https://sync.inmobi.com/gob?google_gid=CAESEKohBa0sNMtFXPfdn7OaStc&google_cver=1&google_push=AehlK4Ce1IZwtQuIcu4wZ5fapuqwlTgcunuKBXr7vJVS1GqYPVbWPNB049sXCmehMpn5y-52LZKA1lze7oN5C-E1Q71dLyEv_o6bwzE

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/google/CAESEMwHksbtnEq1M1vDopK3xIs?ext-param=AehlK4DkaupDiqSH_qQmA-ItbhgLkdqN6drKApmjf6aznfhRDWBJGTszXtkuUuDVmXXFeM2EyKJ4_aQPDMHsBBPk8lwf69nhy_Wbmzw&partner-tag=yandex_ag&google_cver=1

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.filelu.com/	1969-12-31 23:59:59	Name: lang Value: english
.filelu.com/	1970-01-20 05:58:57	Name: affiliate Value: v6vYZ9rkV8PdQiX%2F2UnqmyK3XaWLp2QPjgvUvZKbAzcBJn%2Bldb353LL8%2F6RMNULYudKoQjpInk%2BTzpldId06iY8olZN%2FQA%3D%3D
.filelu.com/	1970-01-20 05:39:30	Name: 103.209.254.58 Value: IP
.filelu.com/	1970-01-20 15:14:47	Name: __utma Value: 99342729.1285931803.1661927622.1661927622.1661927622.1
.filelu.com/	1969-12-31 23:59:59	Name: __utmc Value: 99342729
.filelu.com/	1970-01-20 10:01:35	Name: __utmz Value: 99342729.1661927622.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.filelu.com/	1970-01-20 05:38:48	Name: __utmt Value: 1
.filelu.com/	1970-01-20 05:38:49	Name: __utmb Value: 99342729.1.10.1661927622
.filelu.com/	1970-01-20 15:14:47	Name: _ga_20S72BHN7V Value: GS1.1.1661927622.1.0.1661927622.0.0.0
.filelu.com/	1970-01-20 15:14:47	Name: _ga Value: GA1.1.1285931803.1661927622
.filelu.com/	1970-01-20 15:14:47	Name: _ga_YWJJW1GM8R Value: GS1.1.1661927622.1.0.1661927622.0.0.0
.filelu.com/	1970-01-20 05:38:49	Name: __cf_bm Value: Dmgm4gYKAKknkwjHpIwZb4XrKL5e2Fy2nKdSo6PcU8s-1661927623-0-AeQTvF8SzAb998XqYur2crD1O+nBVlmKdZNxRw5amvX15k7fN0+Ld0oEDscdze1Y45ITSEInSJ6onvzVujhhsTNU98Q1OygN0rCxi04xo/I8j8v6JhHVXbAvfDs/np0Nw+HuFXMGBFsDoP5j9U0Nsik=
.protagcdn.com/	1970-01-20 05:38:49	Name: __cf_bm Value: 8zbQClK4ZlfW29IczDzNEHehz.Ysy.wB.E1Xb_4QUog-1661927623-0-AX4rPWKU9Jg28PSOw4h+bhRhiX7K/c7WvdCoBU4Y/JB7vBRE1AscZsbEBrosZFdfDVP9t1tu1CCIYf/+r8IZAcOpK8VBJgiBIqmB9X4jfEHe/dPQzAPBEgEImet2UX37oZ6RrfAjZYOr6AZLwfjA9Z0=
.doubleclick.net/	1970-01-20 15:14:47	Name: IDE Value: AHWqTUkoZq8nYWm0dR40apqvJELBZ2qE2wfiELAgS1wla9W0uI9rjFxfyaF_RiXZVtc
.filelu.com/	1970-01-20 15:00:23	Name: __gads Value: ID=f80bc04c6e528001:T=1661927622:S=ALNI_MYSNpl0glIUvLNBIUAJF1GiMmeFQw
.filelu.com/	1970-01-20 15:00:23	Name: __gpi Value: UID=0000094c42bb3bab:T=1661927622:RT=1661927622:S=ALNI_MYHYpd_o5JuLYCKzOQBVP_aKqFbqg
.openx.net/	1970-01-20 14:24:23	Name: i Value: b8c331c9-0822-4ef5-a1fb-ff727ad61948\|1661927624
.criteo.com/	1970-01-20 15:00:23	Name: uid Value: ae8fe51d-3a1e-4c31-9c41-bd83222968f7
.doubleclick.net/	1970-01-20 05:38:51	Name: DSID Value: NO_DATA
.filelu.com/	1970-01-20 15:00:23	Name: cto_bundle Value: LBkOAV9XWUp6d3pMdUJlc1I3cnRJQkIwT2U4ejRkU0w0ZURCJTJCJTJCamVaYXQ2SyUyQmpvTWZOY3h6aXlsS0VFMTJ1YzRudk9rbVJraDR6OXlMJTJCMzBRJTJGQVU4UXA0ekNzQ1ZwJTJGUWZOeTRpMWxNWDZlSm1LJTJGYVRINHRJNFo4SklkRUVYNTFMenpIb285UzlMVUJ5cFZaTmlGUWxsd0wlMkJBJTNEJTNE
.openx.net/	1970-01-20 06:00:23	Name: pd Value: v2\|1661927625\|jElYiuvOhI
.adsrvr.org/	1970-01-20 14:24:23	Name: TDID Value: cdcc5892-1030-41f2-9692-65ea219e15a6
.adsrvr.org/	1970-01-20 14:24:23	Name: TDCPM Value: CAEYBSABKAIyCwiayvvJr8mFOxAFOAE.
.openx.net/	1970-01-20 06:00:23	Name: univ_id Value: 537072971\|cdcc5892-1030-41f2-9692-65ea219e15a6\|1661927626056743
.socdm.com/	1970-01-20 15:14:47	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjYxOTI3NjI2fQ
.ladsp.com/	1970-01-20 05:38:51	Name: cr Value: 1
.ladsp.com/	1970-01-20 15:14:47	Name: smn_uid Value: exgbPVh72DwVhXSOCA9JSw7Hf7kYEZ8
.ladsp.com/	1970-01-20 15:14:47	Name: lum Value: CK2w7JSvMBIFCAMQ0AU

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://filelu.com/znh9ad2t1zdu Message: Refused to execute script from 'https://oaphoace.net/401/5336107' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

156f3c4b6833421fd3df1e88f88e04d0.safeframe.googlesyndication.com
a.tribalfusion.com
adservice.google.com
adservice.google.com.au
an.yandex.ru
cdn.ampproject.org
cdnjs.cloudflare.com
chart.googleapis.com
cm.g.doubleclick.net
connect.facebook.net
cr-p3.ladsp.jp
cr-pall.ladsp.com
eb2.3lift.com
filelu.com
fonts.googleapis.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id.sharedid.org
jp-u.openx.net
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
oaphoace.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
protagcdn.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
static.xx.fbcdn.net
sync.inmobi.com
sync.srv.stackadapt.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
a.tribalfusion.com
an.yandex.ru
eb2.3lift.com
pr-bh.ybp.yahoo.com
sync.inmobi.com
sync.srv.stackadapt.com
www.googletagservices.com
104.16.120.195
104.16.201.58
104.17.25.14
104.21.63.54
104.26.5.69
104.26.6.142
124.146.215.47
13.224.250.50
13.227.254.100
139.45.197.239
142.250.4.132
142.250.4.154
142.251.10.106
142.251.10.154
142.251.12.97
157.240.235.1
157.240.235.35
172.217.194.102
172.217.194.154
172.217.194.95
172.217.194.97
172.253.118.132
172.253.118.95
182.161.73.129
182.161.73.136
34.102.146.192
34.120.135.53
34.209.30.241
34.98.64.218
35.244.159.8
35.71.131.137
74.125.200.155
74.125.200.156
74.125.24.132
74.125.24.94
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dace9b53446c415277abd2be4e70866a2ce84122274b1b7e306f02259391604
0e8c6006e59acfa2d92376ad6f64c354dfe170fc4cf214e5c415159f7a3e3ec3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1409a591c1d605f023893e8577f99d1ca3c3759733a55d86518a8689dbfd2c4a
1458c65cd927c3e5bf35667665280eaaf849eef09ed217983334c5c8a78f6759
147fc0423529f792d30c6f4eaf00ebb7f7ae719d2abf7a90add87c0e97790743
156bd7cc6cd754ca14e6783550cb2592a9550196dd9fa8f2c722085cde5298f4
16a9a3ed5be29b1e3939e805264770ac1f4cb77594367abdcacf2c4459becd6e
19c91f6856970414288eb0e9a840e50e179819ca47e2f8fc885c4732d8e043bc
1aff077b0ed0110022945a078db50f530a7c618cc28574cd94e0fe0b6c36af0d
215a75b719c9eab3ff9d2433a62120056a7d5cbe7f3b10258cc2b82109dda590
2376f1ca88d8e017aa73da8be90f875323c4ce590a17143931f494a846f9d498
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2af5234873fe6e9715ce0e8bc1b9916a219c9b3d114b6b5c345547a13ab1777f
2b193beda4aabb7502d6efe78385c0d4afacd5a0e956779f42880b767b4df5ae
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
3a6a80d2011e85e3e1c85099517398ad57cb0d70dfbaee5653b22c7ef585ec38
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cf5a15e00c6e4ba1ee809bbac8fa1a2ab8af4fc3a89c0022ca0b3300bce1c91
3dd6adc3332598dc8fa19b97ebd1a9bf76c77631476b78e5ecd66222743c7ca4
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e71ae16087213b71765c34db3d87fe6bb1fb23a51d33c44922c6e5c1275077
5211a382edbdc5735bcef4a602013024eacec74802285bfe83e19f6b90a7b921
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5b3076378c41157061292143a6b0fd9f5f3b72cbd94103c382fa03b096c7ec38
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
687503387bf1c30e1eec2ea6ac746145f45d3c73334f4ff8d8aa6802e62f9f29
68c8b1ff1f38e8c5e7ad80fc75f225610ec3a9a6d3319516785d79336f82d746
6b0708fbfd750df7c457e523328dbf6560bdc829cc99c0cc148c274d813c9433
6def139b766d2be8833c707031f22dafbd6a4230a11a52dc8677c2cab2a21a17
6f9575294996c04de499d110023f5ee4b94944069db55fe96bfd7fd61ba59d90
6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e
70427ec237de1ed281521c356bb2f40343e73da7141b18a60371dae02c6b79ba
750a4e6696214cfd2031b006420f37eebc61423b40bba2e41bfc40cf39d86be9
7684c57c06df116d6c0634a10669b4b619f1cee821ec94ce983b0da286d36b58
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81087eac5ba9c2eee42e40d7be5359ce66d619f09a6400a707f228bc7b7b1198
82e04a82bd61abf99a4691e152fec8ff1a4059fde9a7cfc3a8cfa5b4d82b8acb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cce93b7dbfc35ca8b5a3e307df0b72842b10d7659c8b80c906f9bb46751506f
8cfc0e6e92e8fd92ebbe0f6b373f8cff7dabe9e360ddbc470b1fb81d9f7af366
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
920383b782d3df0447a5f65ff9c095ead1caf82129674a6124a8978dc7bd316d
931a805c5b43432bd082dceff6a119116dbfa78feb634d77b39152c49836034e
94a268be434ede86fecd757217883d463c53ffbb37f0ca510ffd0fc6ee96c574
965295e19a52ff860d7d3dabc0124eabb3fa3b9e9d76da946a4b04d0947e179b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aba824f9a41bb87a9112bc4bb98e74b7066bb945f34132c2ffd0b3b1037aea91
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b47eb2c147c468eb6aa9c3ba546db61b822d6d7be251f41e06aefc0d3c828163
b90aee4cd0ad8ee508f79c6e6320f3846b8954313ae45d28f6821cc8f26f5c9d
bb2c045b9b80649bc825dc710101fe608a3a8f134428d30e4d318739c25c38e1
bb99026b90af877590e560588f22379d2950b8bc0521726a6d4ab3ec05d6b351
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
ca63b5b3065d43c38877a596f1c9e59869d52266ca55d37f6e886673125b280a
d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365
d53e6a549bc1912ed779d9e7553712e29280d7a8187fde8ed4341eedd5934f6f
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d883a7a53b5f1c29c6fc0610278e980052e0d7b5b33c82d76fd69722c2414b74
d90330fc1764b24e386fd996eddeb79d6468dc845cc7bbaa5f0b0184cd037a33
d92dcd1f2122340f07cb71b2fd9674dc587ca9931f8d9b1434c4e35145675b9a
dce0c146fdf869be3263b707bedb25e486bc710487fcab69c285f532ab7d6e12
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfb04b1e28e18315d65a0079165c77c506ea319565a8e7ba672ccdbf44c09888
e39205bb00318514e8691ed9b0b03cd78664511554fd0b2216dc41b511c0eed2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e452e427426a73874dc18f54731b508406883dd902393dc5e393625ab22fd574
ea4d52307cc82807322f628e3e9eb83d0ed3d202f6fcc34d2e9064eb40e15c6f
ebad97c485cf551ee3c3171a81f497ad4ce44fc5f1f966333441e694094f32a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45ffda5f1836f646b4a942f55d6c3f7f4d28e0dc88236a677913875059787d4
f51e2643a16f1154d148aa0e87f674ec5233f4dced02e9c123ad789eed147be3
f6252faa0a83ae1e8e0d08a2810dba4bcf1ebfc800e7ea68c5e798f96fa05044
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
fb6a0bbe92423e25430dc3c39248b7fac9baab4a4287312ac02b5fbac00342d2

filelu.com Open in urlscan Pro 104.26.5.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

89 %HTTPS

0 %IPv6

36 Domains

46 Subdomains

32 IPs

5 Countries

1724 kBTransfer

4845 kBSize

28 Cookies

10 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

filelu.com Open in urlscan Pro
104.26.5.69 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

89 %
HTTPS

0 %
IPv6

36
Domains

46
Subdomains

32
IPs

5
Countries

1724 kB
Transfer

4845 kB
Size

28
Cookies

129 HTTP transactions
1 data transactions