www.mediafire.com Open in urlscan Pro
104.16.202.237  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

• https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CBMbU0qe1MyXGI5

Request Chain 88

• https://x.bidswitch.net/sync?ssp=openx HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
• https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=8aeeece7-2636-44de-9bdd-6a82b9161cd6 HTTP 302
• https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=8aeeece7-2636-44de-9bdd-6a82b9161cd6 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=1f0e2ad5-74c2-412b-9d42-838ef23a864a&ssp=openx HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072968&val=8aeeece7-2636-44de-9bdd-6a82b9161cd6

Request Chain 89

• https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6230533385873967778

Request Chain 90

• https://match.prod.bidr.io/cookie-sync/ox HTTP 303
• https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
• https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJWENrN0N3WGdBQUJ0ZWN2b3JhZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
• https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIXCk7CwXgAABtecvorag&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
• https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
• https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAIXCk7CwXgAABtecvorag&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
• https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAIXCk7CwXgAABtecvorag&pid=558502&do=add HTTP 303
• https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAIXCk7CwXgAABtecvorag&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
• https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5805941979291769334 HTTP 303
• https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIXCk7CwXgAABtecvorag

Request Chain 91

• https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ef16160-bc13-4000-ba5f-7c52d2c97ca9

Request Chain 92

• https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=fravKyrkqC9lt6kicb-0I3C2ri5lv_14LLB5c7ER

Request Chain 93

• https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6126520652699585216

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2M5NDRhYjctMDhmOC02Yzg5LTQ1ZGEtZGI1MWY3ODQ0ZDA0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2M5NDRhYjctMDhmOC02Yzg5LTQ1ZGEtZGI1MWY3ODQ0ZDA0&google_tc=

Request Chain 96

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMtNRc_3mGeajPP10BQCmnc&google_cver=1

Request Chain 97

• https://c1.adform.net/serving/cookie/match?party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F

Request Chain 98

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6939795783178692722

Request Chain 100

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L0cLej-yRg-fdX3Lcizdnw%3D%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L0cLej-yRg-fdX3Lcizdnw%3D%3D&google_tc= HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 101

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=60306160-bc13-4f00-b1b9-bb44945df1cf

Request Chain 102

• https://pixel.onaudience.com/?partner=214&mapped=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F HTTP 302
• https://spl.zeotap.com/?zdid=1332&zcluid=96354ace82708d74 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f469573-1c03-465a-6f1a-7fb7ca3b63a5&reqId=b519b4a0-4c2c-465c-51c2-783b766ab508&zcluid=96354ace82708d74&zdid=1332 HTTP 302
• https://mwzeom.zeotap.com/mw?google_gid=CAESEFpVzFB1HcYtpfw7-QjP4CY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f469573-1c03-465a-6f1a-7fb7ca3b63a5&reqId=b519b4a0-4c2c-465c-51c2-783b766ab508&zcluid=96354ace82708d74&zdid=1332

Request Chain 103

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkY0NzBCN0EtM0ZCMi00NjBGLTlGNzUtN0RDQjcyMkNERDlG&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkY0NzBCN0EtM0ZCMi00NjBGLTlGNzUtN0RDQjcyMkNERDlG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 104

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJsPPWyvSxePULTnhyjzuDg&google_cver=1

Request Chain 106

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc436776-1e44-4992-a2cb-8b95ee513f44

Request Chain 107

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2115744692855740021

Request Chain 108

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3b946160-bc13-4c00-b776-b099d667c4de&gdpr=0&gdpr_consent=

Request Chain 109

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6230533385873967778&gdpr=0&gdpr_consent=

Request Chain 110

• https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hz34Lktv_yoEPP4nEDTjJhE9-SsENKp9TTvX_GQV

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request file Show response www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281....	315 KB 84 KB	417ms 379ms	Document text/html	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8486bf0b964cf95b28d817fafd802d012cce625893413a7c3175e89460066104 Security Headers Name Value Strict-Transport-Security max-age=0 X-Frame-Options SAMEORIGIN Request headers :method GET :authority www.mediafire.com :scheme https :path /file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie ukey=t9wsgukr9fzcxmz3r7bqfleesfa4dx6c; expires=Tue, 08-Oct-2041 21:45:51 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%2226w8mgjzehkjtaj%22%2C%22mf_term%22%3A%22a661f89c1dcc176f919470e57035adb4%22%7D; expires=Sun, 07-Nov-2021 21:45:51 GMT; Max-Age=2592000; path=/; domain=.mediafire.com __cf_bm=9jputUnAngQdldV8RiQkztuAaTV9VXrNrobvV6hp3Cw-1633729551-0-AT5w5F/3KJSuxqbLMrm12hR8ENyNU9cgBxZZ8a16DXo8B464ncKP0NVOuyWotpJW6JviOM7k2yBbzj0AK2RM8Mk=; path=/; expires=Fri, 08-Oct-21 22:15:51 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None strict-transport-security max-age=0 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0 pragma no-cache expires 0 x-frame-options SAMEORIGIN x-robots-tag noindex, nofollow report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 69b28effaf022187-DUS content-encoding gzip
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 39 KB	84ms 29ms	Script application/javascript	142.250.185.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-829541-1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f8.1e100.net Software Google Tag Manager / Resource Hash 3e1146eeb3e7f402ecdf36c330db2ab8459fd0c3c9a9b24edb6afb9c63aecf1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39162 x-xss-protection 0 last-modified Fri, 08 Oct 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 08 Oct 2021 21:45:51 GMT
GET H2	200	AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA= Show response fundingchoicesmessages.google.com/f/	70 KB 26 KB	98ms 49ms	Script application/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA= Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 2d78063424d5b67aa25f035a2c6572697b7e4d7fc3d93ac498645ddd394e2781 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9b42I7jp1pf+BVrIKKSXhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9b42I7jp1pf+BVrIKKSXhA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-9b42I7jp1pf+BVrIKKSXhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9b42I7jp1pf+BVrIKKSXhA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	79 KB 27 KB	96ms 40ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 31cbdbcb564da02c7a341b4e7f966ed974f9639dc0e516f5902cf52f468cfa4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1010 / 573 of 1000 / last-modified: 1633728134" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26949 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 08 Oct 2021 21:45:51 GMT
GET H2	200	prebid5.10.0.js Show response www.mediafire.com/js/	212 KB 65 KB	612ms 611ms	Script application/x-javascript	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mediafire.com/js/prebid5.10.0.js Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb7154126cf93af6af94f354ab76cea96918b36efcd3b8f3c13d34ed878f5538 Request headers :path /js/prebid5.10.0.js pragma no-cache cookie ukey=t9wsgukr9fzcxmz3r7bqfleesfa4dx6c; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%2226w8mgjzehkjtaj%22%2C%22mf_term%22%3A%22a661f89c1dcc176f919470e57035adb4%22%7D; __cf_bm=9jputUnAngQdldV8RiQkztuAaTV9VXrNrobvV6hp3Cw-1633729551-0-AT5w5F/3KJSuxqbLMrm12hR8ENyNU9cgBxZZ8a16DXo8B464ncKP0NVOuyWotpJW6JviOM7k2yBbzj0AK2RM8Mk= accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.mediafire.com referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:52 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Mon, 27 Sep 2021 17:45:30 GMT server cloudflare etag W/"6152033a-34e0c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type application/x-javascript access-control-allow-origin * cache-control max-age=2592000 nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f024bd92187-DUS expires Sun, 07 Nov 2021 21:45:52 GMT
GET H2	200	element.js Show response translate.google.com/translate_a/	76 KB 27 KB	96ms 48ms	Script text/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googFooterTranslate Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 823e3c8c93f1fa3de57dea7cb43001118197f769864baf438f37171e3f7ca3e7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w"}]} p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, no-store, max-age=0, must-revalidate content-type text/javascript; charset=utf-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="AZM8irajuAAtyVqGve7GQSTq0VGurvVOiUfjvKzysc56O7oR1Y4t0K3_N7a5bit2UEt79w" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	aax.js Show response c.aaxads.com/	414 KB 114 KB	77ms 27ms	Script text/javascript	104.92.105.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-105-214.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ab8f32416bc4680290006a447c6723e16411a7dd40bbdfd51010817b579406e7 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip server Apache date Fri, 08 Oct 2021 21:45:51 GMT vary Accept-Encoding x-mnet-h E content-type text/javascript; charset=utf-8 cache-control max-age=1800 expires Fri, 08 Oct 2021 22:15:51 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	205 KB 65 KB	106ms 61ms	Script application/javascript	142.250.185.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f8.1e100.net Software Google Tag Manager / Resource Hash 8952025daaf972b5035a57f947a03a0784a35e0492a89da1389674fa52637aff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 66166 x-xss-protection 0 last-modified Fri, 08 Oct 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 08 Oct 2021 21:45:51 GMT
GET H2	200	mf_logo_full_color.svg static.mediafire.com/images/backgrounds/header/	3 KB 2 KB	28ms 21ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 28 Oct 2016 22:22:42 GMT server cloudflare age 6713 etag W/"5813cfb2-d1d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f024bf52187-DUS
GET H2	200	file-zip-v3.png static.mediafire.com/images/filetype/	2 KB 2 KB	28ms 20ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/filetype/file-zip-v3.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 190848 content-length 1872 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-750" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 69b28f024bf82187-DUS expires Fri, 05 Nov 2021 16:44:30 GMT
GET H2	200	icons_sprite.svg www.mediafire.com/images/icons/svg_light/	36 KB 9 KB	147ms 147ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.mediafire.com/images/icons/svg_light/icons_sprite.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02 Request headers :path /images/icons/svg_light/icons_sprite.svg pragma no-cache cookie ukey=t9wsgukr9fzcxmz3r7bqfleesfa4dx6c; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%2226w8mgjzehkjtaj%22%2C%22mf_term%22%3A%22a661f89c1dcc176f919470e57035adb4%22%7D; __cf_bm=9jputUnAngQdldV8RiQkztuAaTV9VXrNrobvV6hp3Cw-1633729551-0-AT5w5F/3KJSuxqbLMrm12hR8ENyNU9cgBxZZ8a16DXo8B464ncKP0NVOuyWotpJW6JviOM7k2yBbzj0AK2RM8Mk= accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.mediafire.com referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Mon, 27 Sep 2021 17:45:30 GMT server cloudflare etag W/"6152033a-90ab" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * cf-ray 69b28f024bde2187-DUS
GET H2	200	dl_promo_logo.png static.mediafire.com/images/backgrounds/download/	2 KB 2 KB	20ms 19ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/dl_promo_logo.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 174d0ce23ddaa3923575af7a8e047e1dbf75199ebee7df1aca5e5713c4a1dd62 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 190865 content-length 2240 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-8c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 69b28f027c672187-DUS expires Fri, 05 Nov 2021 16:44:28 GMT
GET H2	200	apps_list_sprite-v6.png static.mediafire.com/images/backgrounds/download/	8 KB 8 KB	22ms 22ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 190872 content-length 8145 last-modified Tue, 05 Oct 2021 21:36:28 GMT server cloudflare etag "615cc55c-1fd1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 69b28f027c692187-DUS expires Fri, 05 Nov 2021 16:44:30 GMT
GET H2	200	arrow_dropdown.svg www.mediafire.com/images/icons/svg_dark/	315 B 358 B	155ms 154ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26 Request headers :path /images/icons/svg_dark/arrow_dropdown.svg pragma no-cache cookie ukey=t9wsgukr9fzcxmz3r7bqfleesfa4dx6c; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%2226w8mgjzehkjtaj%22%2C%22mf_term%22%3A%22a661f89c1dcc176f919470e57035adb4%22%7D; __cf_bm=9jputUnAngQdldV8RiQkztuAaTV9VXrNrobvV6hp3Cw-1633729551-0-AT5w5F/3KJSuxqbLMrm12hR8ENyNU9cgBxZZ8a16DXo8B464ncKP0NVOuyWotpJW6JviOM7k2yBbzj0AK2RM8Mk= accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.mediafire.com referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 18 Dec 2018 18:09:53 GMT server cloudflare etag W/"5c1937f1-13b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * cf-ray 69b28f027c6c2187-DUS
GET H2	200	check_circle_green.svg static.mediafire.com/images/icons/svg_dark/	444 B 400 B	27ms 27ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 6549 etag W/"5b4e51d6-1bc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f028c6f2187-DUS
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	13 KB 5 KB	66ms 44ms	Script text/javascript	104.16.95.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69b28f02bf47c4b8-DUS
GET H2	200	fb_16x16.png static.mediafire.com/images/backgrounds/download/social/	181 B 258 B	41ms 41ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 190865 content-length 181 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-b5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 69b28f02acc22187-DUS expires Fri, 05 Nov 2021 16:44:28 GMT
GET H2	200	footerIcons.png static.mediafire.com/images/backgrounds/footer/social/	583 B 685 B	22ms 19ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 190865 content-length 583 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-247" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 69b28f02dd0e2187-DUS expires Fri, 05 Nov 2021 16:44:29 GMT
GET H2	200	infinity.js.aspx Show response cdn.otnolatrnup.com/Scripts/	193 KB 66 KB	47ms 16ms	Script application/x-javascript	104.19.215.37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.215.37 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0f06126dccf3934aa8cadff4b6b25e06b81ab678b9b2943364345634f4393516 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 server cloudflare age 8 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="CAO PSA OUR IND" access-control-allow-origin * cache-control public, no-transform, max-age=900 cf-ray 69b28f032c9c216f-DUS content-type application/x-javascript; charset=utf-8
GET H2	200	pxusr.gif c.aaxads.com/	43 B 205 B	7ms 7ms	Image image/gif	104.92.105.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c.aaxads.com/pxusr.gif Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-105-214.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT last-modified Mon, 26 Feb 2018 13:29:58 GMT server Apache strict-transport-security max-age=604800 content-type image/gif cache-control max-age=267286 accept-ranges bytes content-length 43 expires Tue, 12 Oct 2021 00:00:37 GMT
GET H/1.1	200 OK	pxext.gif www.aaxdetect.com/	43 B 323 B	110ms 8ms	Image image/gif	104.92.70.118 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aaxdetect.com/pxext.gif Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.70.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-70-118.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 08 Oct 2021 21:45:51 GMT Last-Modified Mon, 26 Feb 2018 13:29:58 GMT Server Apache Content-Type image/gif Cache-Control max-age=482461 Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Thu, 14 Oct 2021 11:46:52 GMT
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame C16D	0 2 KB	46ms 26ms	Document text/html	31.13.92.36 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frt3.facebook.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ Response headers content-type text/html;charset=utf-8 pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-content-type-options nosniff x-xss-protection 0 x-fb-debug 9DKNGDiwxDsPEF257Fx79qS1W1FCy9ikj+NfOL5M6O7x0Mw4hsFxMe6MuwI/Y6UnTGVGhSkzxHGrckVz2twAQA== content-length 0 date Fri, 08 Oct 2021 21:45:51 GMT priority u=3,i alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
GET H2	200	world.svg static.mediafire.com/images/backgrounds/download/additional_content/	143 KB 53 KB	31ms 30ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 6712 etag W/"5b4e51d6-23ce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f036df12187-DUS
GET H2	200	continent-eu.svg static.mediafire.com/images/backgrounds/download/additional_content/	23 KB 9 KB	19ms 19ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/additional_content/continent-eu.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbb99c4149249b280f1d3d924d9bdd29a4a14cba1e71775fb3bdbdf13ebd5a48 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 6169 etag W/"5b4e51d6-5ca3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f036df22187-DUS
GET H2	200	fra.svg static.mediafire.com/images/flags_svg/	249 B 525 B	26ms 25ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/flags_svg/fra.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 241dac7da9d2782f58c2ffdc05090ac486b49cde149c879675d189dee66aedf6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 4180 etag W/"5b4e51d6-f9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f036df32187-DUS
GET H2	200	flag.svg static.mediafire.com/images/backgrounds/download/additional_content/	234 B 280 B	21ms 20ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 6484 etag W/"5b4e51d6-ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 69b28f036df52187-DUS
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	82ms 24ms	Script text/javascript	142.250.185.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 3534 date Fri, 08 Oct 2021 20:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Fri, 08 Oct 2021 22:46:57 GMT
GET H2	200	pubads_impl_2021100601.js Show response securepubads.g.doubleclick.net/gpt/	365 KB 123 KB	32ms 31ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125954 x-xss-protection 0 last-modified Wed, 06 Oct 2021 08:42:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 08 Oct 2021 21:45:51 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	339 B 186 B	68ms 35ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mediafire.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 0ec47383b2dbdefc49b74d00351f225657afbbaf3946816fc05b78380ef67d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 08 Oct 2021 21:45:51 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 161 x-xss-protection 0 expires Fri, 08 Oct 2021 21:45:51 GMT
POST H3	204	AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w= Show response fundingchoicesmessages.google.com/el/	0 27 B	84ms 40ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w=?pvid=84D311BC-1539-4A5B-A1B5-6488FC6C2824&anonid=98BAC377-0271-4B9D-B5E5-BADB55D30156 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ik5C1EDz7hw.es5.O/d=1/rs=AJlcJMxvBPI1OT9_1cW2yF86_W1Eos3a-Q/m=loader_js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-rHHC3U+Ca8N3XW2Yz3zBVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rHHC3U+Ca8N3XW2Yz3zBVw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-rHHC3U+Ca8N3XW2Yz3zBVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rHHC3U+Ca8N3XW2Yz3zBVw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w= Show response fundingchoicesmessages.google.com/el/	0 27 B	92ms 48ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w=?pvid=84D311BC-1539-4A5B-A1B5-6488FC6C2824&anonid=98BAC377-0271-4B9D-B5E5-BADB55D30156 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ik5C1EDz7hw.es5.O/d=1/rs=AJlcJMxvBPI1OT9_1cW2yF86_W1Eos3a-Q/m=loader_js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cgqbNLKExEdLKltQolRe0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cgqbNLKExEdLKltQolRe0w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-cgqbNLKExEdLKltQolRe0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cgqbNLKExEdLKltQolRe0w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w= Show response fundingchoicesmessages.google.com/el/	0 26 B	63ms 46ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w=?pvid=84D311BC-1539-4A5B-A1B5-6488FC6C2824&anonid=98BAC377-0271-4B9D-B5E5-BADB55D30156 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ik5C1EDz7hw.es5.O/d=1/rs=AJlcJMxvBPI1OT9_1cW2yF86_W1Eos3a-Q/m=loader_js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-jaqM/8u5hFdBQmarVF2r1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jaqM/8u5hFdBQmarVF2r1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-jaqM/8u5hFdBQmarVF2r1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jaqM/8u5hFdBQmarVF2r1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxX8lLv1c0FQR0AGdUMRJRH4aPcUoF-JrhdCKfP57_TUNa5p0XOBaJRiwm0TtaD0whNb0rmWEnV7c9YCJpuG-68= Show response fundingchoicesmessages.google.com/f/	160 KB 44 KB	104ms 59ms	Script application/javascript	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxX8lLv1c0FQR0AGdUMRJRH4aPcUoF-JrhdCKfP57_TUNa5p0XOBaJRiwm0TtaD0whNb0rmWEnV7c9YCJpuG-68=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzNzI5NTUxLDk5MTAwMDAwMF0sIjg0RDMxMUJDLTE1MzktNEE1Qi1BMUI1LTY0ODhGQzZDMjgyNCIsIjk4QkFDMzc3LTAyNzEtNEI5RC1CNUU1LUJBREI1NUQzMDE1NiIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS8yNnc4bWdqemVoa2p0YWovJTI1QzIlMjVBNzQlMjVDMiUyNUE3bFNZTkMlMjVDMiUyNUE3YyUyNUMyJTI1QTdsSFJPWl8lMjVDMiUyNUE3OSUyNUMyJTI1QTdsLV8lMjVDMiUyNUE3ZiUyNUMyJTI1QTdsUGFja18lMjVDMiUyNUE3OSUyNUMyJTI1QTdsVjFfJTI1QzIlMjVBN2YlMjVDMiUyNUE3bCUyNTI4MS44JTI1MjkuemlwL2ZpbGUiXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ik5C1EDz7hw.es5.O/d=1/rs=AJlcJMxvBPI1OT9_1cW2yF86_W1Eos3a-Q/m=loader_js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash 0b0d2ae7ce3feaa91cd7a1b32c50fb396c73d44dbca2521b710fd9ab0327082a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-7ODIumtJCDZlzFE2QqKPTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7ODIumtJCDZlzFE2QqKPTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:52 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-7ODIumtJCDZlzFE2QqKPTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7ODIumtJCDZlzFE2QqKPTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	translateelement.css translate.googleapis.com/translate_static/css/	18 KB 4 KB	59ms 17ms	Stylesheet text/css	216.58.212.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/css/translateelement.css Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.9WzEz6na2G8.O/d=1/rs=AN8SPfqsoIhIIohsTl-Bw7VQw8RDhYAscg/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f170.1e100.net Software sffe / Resource Hash 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 20:54:26 GMT content-encoding br x-content-type-options nosniff age 3086 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3130 x-xss-protection 0 last-modified Wed, 24 Feb 2021 19:45:00 GMT server sffe vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="rosetta" expires Fri, 08 Oct 2021 21:54:26 GMT
GET H2	200	main.js Show response translate.googleapis.com/translate_static/js/element/	6 KB 2 KB	59ms 18ms	Script text/javascript	216.58.212.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/js/element/main.js Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.9WzEz6na2G8.O/d=1/rs=AN8SPfqsoIhIIohsTl-Bw7VQw8RDhYAscg/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f170.1e100.net Software sffe / Resource Hash 251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 20:54:25 GMT content-encoding br x-content-type-options nosniff age 3087 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2154 x-xss-protection 0 last-modified Mon, 24 May 2021 18:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="rosetta" expires Fri, 08 Oct 2021 21:54:25 GMT
GET H2	200	/ Show response c.adsco.re/	62 KB 22 KB	59ms 22ms	Script text/html	104.17.166.186 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: cdn.otnolatrnup.com URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.166.186 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:52 GMT content-encoding br cf-cache-status HIT server cloudflare age 9602917 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 69b28f04ab5cc4bd-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Mon, 08 Nov 2021 21:45:52 GMT
GET H2	200	log l3.aaxads.com/	35 B 194 B	91ms 5ms	Image image/gif	104.92.105.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAX3221EY&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=mediafire.com&vhuyqdph=ssp-serving-f8bbbb765-bpxtn&vyu=100511_296_100511_266_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001633729551892036324922885913&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_delay400&deg=2&gvwduw=32&ghqg=242&uhtxuo=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F26w8mgjzehkjtaj%2F%2525C2%2525A74%2525C2%2525A7lSYNC%2525C2%2525A7c%2525C2%2525A7lHROZ_%2525C2%2525A79%2525C2%2525A7l-_%2525C2%2525A7f%2525C2%2525A7lPack_%2525C2%2525A79%2525C2%2525A7lV1_%2525C2%2525A7f%2525C2%2525A7l%2525281.8%252529.zip%2Ffile&nzui= Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-105-214.deploy.static.akamaitechnologies.com Software Jetty(9.4.35.v20201120) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:52 GMT server Jetty(9.4.35.v20201120) content-type image/gif access-control-allow-origin * cache-control max-age=0, no-cache, no-store content-length 35 expires Fri, 08 Oct 2021 21:45:52 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	58ms 27ms	XHR text/plain	142.250.185.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2072417137&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F26w8mgjzehkjtaj%2F%2525C2%2525A74%2525C2%2525A7lSYNC%2525C2%2525A7c%2525C2%2525A7lHROZ_%2525C2%2525A79%2525C2%2525A7l-_%2525C2%2525A7f%2525C2%2525A7lPack_%2525C2%2525A79%2525C2%2525A7lV1_%2525C2%2525A7f%2525C2%2525A7l%2525281.8%252529.zip%2Ffile&ul=en-us&de=UTF-8&dt=%C2%A74%C2%A7lSYNC%C2%A7c%C2%A7lHROZ%20%C2%A79%C2%A7l-%20%C2%A7f%C2%A7lPack%20%C2%A79%C2%A7lV1%20%C2%A7f%C2%A7l(1.8)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1830163335&gjid=616717668&cid=1874812755.1633729552&tid=UA-829541-1&_gid=1537490571.1633729552&_r=1&gtm=2oua60&cd1=unregistered&cd7=legacy&cd3=archive&cd4=34&cd5=zip&cd8=%2F20%2F50%2F100%2F&z=741523663 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:52 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ 6.adsco.re/	0 389 B	56ms 17ms	Other text/plain	104.17.166.186 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.166.186 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Origin https://www.mediafire.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:52 GMT server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.mediafire.com access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 69b28f05292cfad4-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	/ 4.adsco.re/	0 465 B	75ms 28ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Origin https://www.mediafire.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H3	200	element_main.js Show response translate.googleapis.com/element/TE_20210503_00/e/js/element/	252 KB 90 KB	36ms 14ms	Script text/javascript	216.58.212.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/js/element/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f170.1e100.net Software sffe / Resource Hash 09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 10:54:26 GMT content-encoding gzip x-content-type-options nosniff age 39086 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91906 x-xss-protection 0 last-modified Mon, 03 May 2021 09:56:24 GMT server sffe vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="rosetta" expires Sat, 08 Oct 2022 10:54:26 GMT
POST H3	204	AGSKWxULJEB5nh37ZDGoQ5fe4YZ3GksrnUgF8Qg4reYuttBNmDyO3WDWc_52qdE7GrsTkEmOMBE9QCitEWnvaJGFCIX1R28scQfiCcTv4IW3knrXhBYakbm_lhx9kcz0JgJOlNm9YQx8vW612rMSCFygwJA1_hJcBNdgg5LyYJIshKxpK8BWliya2AA2xGTM Show response fundingchoicesmessages.google.com/el/	0 27 B	43ms 43ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxULJEB5nh37ZDGoQ5fe4YZ3GksrnUgF8Qg4reYuttBNmDyO3WDWc_52qdE7GrsTkEmOMBE9QCitEWnvaJGFCIX1R28scQfiCcTv4IW3knrXhBYakbm_lhx9kcz0JgJOlNm9YQx8vW612rMSCFygwJA1_hJcBNdgg5LyYJIshKxpK8BWliya2AA2xGTM?dmid=1a7aac38284b88d2 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.2H171NmMojU.es5.O/d=1/rs=AJlcJMwtYn3h4wMsp-hQS0db0hndSrfUEQ/m=iabtcfv2wallscript Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9OVnYSF9Jl6P5TTTtZ9s1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9OVnYSF9Jl6P5TTTtZ9s1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-9OVnYSF9Jl6P5TTTtZ9s1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9OVnYSF9Jl6P5TTTtZ9s1w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxULJEB5nh37ZDGoQ5fe4YZ3GksrnUgF8Qg4reYuttBNmDyO3WDWc_52qdE7GrsTkEmOMBE9QCitEWnvaJGFCIX1R28scQfiCcTv4IW3knrXhBYakbm_lhx9kcz0JgJOlNm9YQx8vW612rMSCFygwJA1_hJcBNdgg5LyYJIshKxpK8BWliya2AA2xGTM Show response fundingchoicesmessages.google.com/el/	0 27 B	44ms 44ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxULJEB5nh37ZDGoQ5fe4YZ3GksrnUgF8Qg4reYuttBNmDyO3WDWc_52qdE7GrsTkEmOMBE9QCitEWnvaJGFCIX1R28scQfiCcTv4IW3knrXhBYakbm_lhx9kcz0JgJOlNm9YQx8vW612rMSCFygwJA1_hJcBNdgg5LyYJIshKxpK8BWliya2AA2xGTM?dmid=1a7aac38284b88d2 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.2H171NmMojU.es5.O/d=1/rs=AJlcJMwtYn3h4wMsp-hQS0db0hndSrfUEQ/m=iabtcfv2wallscript Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-i+xwlvRfUQ+qyt7LZ4Vv5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-i+xwlvRfUQ+qyt7LZ4Vv5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-i+xwlvRfUQ+qyt7LZ4Vv5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-i+xwlvRfUQ+qyt7LZ4Vv5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	54 KB 4 KB	83ms 33ms	Stylesheet text/css	142.250.185.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.2H171NmMojU.es5.O/d=1/rs=AJlcJMwtYn3h4wMsp-hQS0db0hndSrfUEQ/m=iabtcfv2wallscript Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f10.1e100.net Software ESF / Resource Hash 81178b436b493a97e10943f162ee6f7b8023043e7f069f7b7a11b4ef66c5c2c4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 08 Oct 2021 21:45:52 GMT server ESF date Fri, 08 Oct 2021 21:45:52 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Fri, 08 Oct 2021 21:45:52 GMT
GET H2	200	npGXpUc0N4CK7SHFux57ayiqLI4mxZzRMFqfdJskHl3whc8U3XuWXwCuTdKHaylDfQnu79iXhSexFH9VwIxP51W91Xj_nfY678xwxK_OKY86afD6YxnBnQ=h60 lh3.googleusercontent.com/	12 KB 12 KB	102ms 24ms	Image image/png	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/npGXpUc0N4CK7SHFux57ayiqLI4mxZzRMFqfdJskHl3whc8U3XuWXwCuTdKHaylDfQnu79iXhSexFH9VwIxP51W91Xj_nfY678xwxK_OKY86afD6YxnBnQ=h60 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software fife / Resource Hash cf7137aae8e21d7b4a5d0a322b25dfc27c7a1e9b1a06bb4d5f813ef9e3459df3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 18:30:20 GMT x-content-type-options nosniff age 11732 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12249 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 09 Oct 2021 18:30:20 GMT
POST H3	204	AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w= Show response fundingchoicesmessages.google.com/el/	0 26 B	42ms 42ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxXFIpfA91Y49YHbslKmXYQwBze3_OshOlOggPzDRnzNO5LosLqLOrHP78NUh0ZHFGaSQWAk6DMZ6sfuoq-aV-w=?pvid=84D311BC-1539-4A5B-A1B5-6488FC6C2824&anonid=98BAC377-0271-4B9D-B5E5-BADB55D30156 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.ik5C1EDz7hw.es5.O/d=1/rs=AJlcJMxvBPI1OT9_1cW2yF86_W1Eos3a-Q/m=loader_js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-NJcNlzNDE/rtsZp+rCbRGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NJcNlzNDE/rtsZp+rCbRGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-NJcNlzNDE/rtsZp+rCbRGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NJcNlzNDE/rtsZp+rCbRGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	p Show response adsco.re/	0 426 B	76ms 24ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK lon223 Access-Control-Allow-Origin https://www.mediafire.com Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	48 B 465 B	35ms 24ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 64c447eb593f3991a5e1898ea297f4f4ca2433f94b9d1663a17953bd658cf5b2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H3	200	/ Show response 6.adsco.re/	0 368 B	43ms 16ms	XHR text/plain	104.17.166.186 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.166.186 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:52 GMT server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.mediafire.com access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 69b28f057a348749-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
POST H/1.1	200 OK	/ 82xi11sfhn8k.l4.adsco.re/	0 464 B	72ms 16ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://82xi11sfhn8k.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ 82xi11sfhn8k.n4.adsco.re/	0 464 B	369ms 91ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://82xi11sfhn8k.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ 82xi11sfhn8k.s4.adsco.re/	0 464 B	1987ms 159ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://82xi11sfhn8k.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 08 Oct 2021 21:45:54 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H3	200	/ Show response c.adsco.re/ Frame 6B58	62 KB 22 KB	45ms 19ms	Document text/html	104.17.166.186 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.166.186 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers :method GET :authority c.adsco.re :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ Response headers date Fri, 08 Oct 2021 21:45:52 GMT content-type text/html cache-control public, max-age=2678400 link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch expires Mon, 08 Nov 2021 21:45:52 GMT etag W/"2Ma3006J78KgzL0RD+7gUg==" cf-cache-status HIT age 9602917 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 69b28f0589572181-DUS content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H3	204	AGSKWxULJEB5nh37ZDGoQ5fe4YZ3GksrnUgF8Qg4reYuttBNmDyO3WDWc_52qdE7GrsTkEmOMBE9QCitEWnvaJGFCIX1R28scQfiCcTv4IW3knrXhBYakbm_lhx9kcz0JgJOlNm9YQx8vW612rMSCFygwJA1_hJcBNdgg5LyYJIshKxpK8BWliya2AA2xGTM Show response fundingchoicesmessages.google.com/el/	0 27 B	39ms 38ms	XHR text/html	142.250.185.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxULJEB5nh37ZDGoQ5fe4YZ3GksrnUgF8Qg4reYuttBNmDyO3WDWc_52qdE7GrsTkEmOMBE9QCitEWnvaJGFCIX1R28scQfiCcTv4IW3knrXhBYakbm_lhx9kcz0JgJOlNm9YQx8vW612rMSCFygwJA1_hJcBNdgg5LyYJIshKxpK8BWliya2AA2xGTM?dmid=1a7aac38284b88d2 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.2H171NmMojU.es5.O/d=1/rs=AJlcJMwtYn3h4wMsp-hQS0db0hndSrfUEQ/m=iabtcfv2wallscript Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VgVyuED4esvCIxsgCSnk5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VgVyuED4esvCIxsgCSnk5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VgVyuED4esvCIxsgCSnk5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VgVyuED4esvCIxsgCSnk5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 464 B	91ms 35ms	XHR text/plain	142.250.13.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-829541-1&cid=1874812755.1633729552&jid=1830163335&gjid=616717668&_gid=1537490571.1633729552&_u=YEBAAUAAAAAAAC~&z=1660437590 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.13.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS we-in-f155.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 08 Oct 2021 21:45:52 GMT content-type text/plain access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ 6.adsco.re/ Frame 6B58	0 327 B	19ms 19ms	Other text/plain	104.17.166.186 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.166.186 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c.adsco.re/ Origin https://c.adsco.re Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:52 GMT server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://c.adsco.re access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 69b28f074ca88749-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	/ 4.adsco.re/ Frame 6B58	0 458 B	24ms 24ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c.adsco.re/ Origin https://c.adsco.re Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v109/	111 KB 111 KB	112ms 55ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.mediafire.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 05 Oct 2021 00:19:55 GMT x-content-type-options nosniff age 336357 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 113660 x-xss-protection 0 last-modified Tue, 05 Oct 2021 00:04:22 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 05 Oct 2022 00:19:55 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	77ms 21ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.mediafire.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 07 Oct 2021 17:03:52 GMT x-content-type-options nosniff age 103320 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 07 Oct 2022 17:03:52 GMT
GET DATA	200 OK	truncated Show response / Frame 93DE	2 KB 2 KB		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1 Request headers Upgrade-Insecure-Requests 1 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type text/html;charset=UTF-8
GET H2	200	translate_24dp.png www.gstatic.com/images/branding/product/1x/	825 B 1 KB	77ms 21ms	Image image/png	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/1x/translate_24dp.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:40:02 GMT x-content-type-options nosniff age 350 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 825 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 08 Oct 2022 21:40:02 GMT
GET H2	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 1000 B	78ms 22ms	Image image/png	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 15:28:03 GMT x-content-type-options nosniff age 22669 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 910 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 08 Oct 2022 15:28:03 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	102ms 44ms	Image image/gif	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-829541-1&cid=1874812755.1633729552&jid=1830163335&_u=YEBAAUAAAAAAAC~&z=959072254 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 522 B	101ms 43ms	Image image/gif	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-829541-1&cid=1874812755.1633729552&jid=1830163335&_u=YEBAAUAAAAAAAC~&z=959072254 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:52 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	71ms 22ms	Image image/png	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/css/translateelement.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash 5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://translate.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:02:07 GMT x-content-type-options nosniff age 2625 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1847 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 08 Oct 2022 21:02:07 GMT
POST H2	204	v1 Show response dmx.districtm.io/b/	0 285 B	49ms 18ms	XHR text/plain	104.16.190.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Fri, 08 Oct 2021 21:45:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://www.mediafire.com access-control-allow-credentials true cf-ray 69b28f088838c4bd-DUS access-control-allow-headers Content-Type, Origin
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 117 B	78ms 16ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 08 Oct 2021 21:45:52 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	613 B 1 KB	122ms 66ms	XHR application/json	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 91583bfddf473567b0942c0c1c1d061511061a9669f4e9965ab9bda6bf18f9f4 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Fri, 08 Oct 2021 21:45:52 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 216.131.111.132; 216.131.111.132; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid ad311611-f543-448d-953e-cef0c8fa0274 Server nginx/1.17.9 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	511 B 1 KB	97ms 42ms	XHR application/json	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 47f1eb2ecc546004ded0987a131b61388cc844534fab1886aab059d9fd20ab26 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 08 Oct 2021 21:45:52 GMT X-Proxy-Origin 216.131.111.132; 216.131.111.132; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7deccb1d-1b77-4636-bb3e-b711e8bf407c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.mediafire.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 511 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	v1 Show response btlr.sharethrough.com/WYu2BXv1/	0 114 B	96ms 29ms	XHR text/plain	18.156.157.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/WYu2BXv1/v1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-157-131.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/WYu2BXv1/	0 114 B	87ms 20ms	XHR text/plain	18.156.157.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/WYu2BXv1/v1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-157-131.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/WYu2BXv1/	0 115 B	77ms 10ms	XHR text/plain	18.156.157.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/WYu2BXv1/v1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-157-131.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/WYu2BXv1/	0 114 B	81ms 15ms	XHR text/plain	18.156.157.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/WYu2BXv1/v1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-157-131.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/WYu2BXv1/	0 114 B	81ms 16ms	XHR text/plain	18.156.157.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/WYu2BXv1/v1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.156.157.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-157-131.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 08 Oct 2021 21:45:52 GMT access-control-allow-credentials true vary Origin
GET H2	200	arj Show response mediafire-d.openx.net/w/1.0/	174 B 562 B	90ms 38ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mediafire-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F26w8mgjzehkjtaj%2F%2525C2%2525A74%2525C2%2525A7lSYNC%2525C2%2525A7c%2525C2%2525A7lHROZ_%2525C2%2525A79%2525C2%2525A7l-_%2525C2%2525A7f%2525C2%2525A7lPack_%2525C2%2525A79%2525C2%2525A7lV1_%2525C2%2525A7f%2525C2%2525A7l%2525281.8%252529.zip%2Ffile&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=494ddf45-47d5-4861-ab3a-434d5ebb9970%2C1b9559b7-f106-47cc-9361-692e4b14ae20%2Cea5ed458-9fbd-40d1-9704-18371b4fecbc%2Cea387ef5-22e4-4d33-963d-06e336327e35%2C9d013793-d916-4730-9073-0cc5d0ec29dc&nocache=1633729552700&aus=728x90%7C336x280%2C300x250%7C336x280%2C300x250%7C728x90%7C728x90&divids=div-gpt-ad-1583943974201-0%2Cdiv-gpt-ad-1583943910909-0%2Cdiv-gpt-ad-1583943842379-0%2Cdiv-gpt-ad-1583943738910-0%2Cdiv-gpt-ad-1573581836508-0&aucs=%2C%2C%2C%2C&auid=539074863%2C539074864%2C539074865%2C539074866%2C539074866 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash aa9e9285353688c90cc15eed18b715d725e470ce381abedcb4eb2b75f5553e1e Request headers Referer https://www.mediafire.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:52 GMT content-encoding gzip server OXGW/16.216.4 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.mediafire.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 165 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	/ Show response c.adsco.re/ Frame 6B58	62 KB 22 KB	28ms 27ms	XHR text/html	104.17.166.186 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.166.186 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:52 GMT content-encoding br cf-cache-status HIT server cloudflare age 9602917 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 69b28f087f322181-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Mon, 08 Nov 2021 21:45:52 GMT
GET		/ 6.adsco.re/ Frame 6B58	0 0
GET		/ 4.adsco.re/ Frame 6B58	0 0
POST H2	200	rum Show response www.mediafire.com/cdn-cgi/	0 243 B	19ms 19ms	XHR text/plain	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mediafire.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-fetch-mode cors origin https://www.mediafire.com accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie ukey=t9wsgukr9fzcxmz3r7bqfleesfa4dx6c; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%2226w8mgjzehkjtaj%22%2C%22mf_term%22%3A%22a661f89c1dcc176f919470e57035adb4%22%7D; __cf_bm=9jputUnAngQdldV8RiQkztuAaTV9VXrNrobvV6hp3Cw-1633729551-0-AT5w5F/3KJSuxqbLMrm12hR8ENyNU9cgBxZZ8a16DXo8B464ncKP0NVOuyWotpJW6JviOM7k2yBbzj0AK2RM8Mk=; aasd=1%7C1633729551892; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633729551968]]; __aaxsc=2; _ga=GA1.2.1874812755.1633729552; _gid=GA1.2.1537490571.1633729552; _gat_gtag_UA_829541_1=1; a=k3aULdiQEm8yA4Q3rEyIRFBscXeQ2MxW content-length 20480 :path /cdn-cgi/rum? pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json accept */* cache-control no-cache :authority www.mediafire.com referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file :scheme https sec-fetch-site same-origin :method POST Referer https://www.mediafire.com/file/26w8mgjzehkjtaj/%25C2%25A74%25C2%25A7lSYNC%25C2%25A7c%25C2%25A7lHROZ_%25C2%25A79%25C2%25A7l-_%25C2%25A7f%25C2%25A7lPack_%25C2%25A79%25C2%25A7lV1_%25C2%25A7f%25C2%25A7l%25281.8%2529.zip/file Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers date Fri, 08 Oct 2021 21:45:52 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://www.mediafire.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 69b28f08efdc2187-DUS vary Origin
POST H/1.1	200 OK	p Show response adsco.re/	115 B 683 B	153ms 153ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 300418e40280abf0c2e91a7b2ff64be34ff0250cae08ab51bb5f0e65a5e2191d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers AS-P-G OK Date Fri, 08 Oct 2021 21:45:52 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK lon223 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H2	204	Tag.vrfy Show response otnolatrnup.com/	0 56 B	26ms 16ms	Script text/plain	104.19.215.37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=79856&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F26w8mgjzehkjtaj%2F%2525C2%2525A74%2525C2%2525A7lSYNC%2525C2%2525A7c%2525C2%2525A7lHROZ_%2525C2%2525A79%2525C2%2525A7l-_%2525C2%2525A7f%2525C2%2525A7lPack_%2525C2%2525A79%2525C2%2525A7lV1_%2525C2%2525A7f%2525C2%2525A7l%2525281.8%252529.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAYAYWC8EAFhYLwQgAGBAcAAIOj6OYAyK_mIyptFywwpPW8ZRJhgVx07Yn1Xd7GDvR58wQAgl4GNABLRj7Zyhzahfl644G-4FY7loIJUa528ga6A-0M Requested by Host: cdn.otnolatrnup.com URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.215.37 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:53 GMT server cloudflare cf-ray 69b28f0a49f4216f-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding
GET H3	200	verify Show response otnolatrnup.com/	17 B 316 B	36ms 21ms	XHR application/json	104.19.215.37 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://otnolatrnup.com/verify?sig=BAYAYWC8EAFhYLwQgAGBAcAAIOj6OYAyK_mIyptFywwpPW8ZRJhgVx07Yn1Xd7GDvR58wQAgl4GNABLRj7Zyhzahfl644G-4FY7loIJUa528ga6A-0M Requested by Host: cdn.otnolatrnup.com URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.215.37 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:53 GMT server cloudflare x-adscore-status bot expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control no-cache access-control-allow-headers Content-Type cf-ray 69b28f0ac8c0c4a4-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 17
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 1CB4	52 KB 17 KB	41ms 8ms	Document text/html	2.21.141.148 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-148.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.mediafire.com/ Accept-Encoding gzip, deflate, br Cookie icu=ChgIkbVJEAoYASABKAEwkPiCiwY4AUABSAEQkPiCiwYYAA..; uuid2=6230533385873967778 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Content-Type text/html Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Sat, 09 Oct 2021 21:45:57 GMT Date Fri, 08 Oct 2021 21:45:55 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame A511	14 KB 5 KB	53ms 7ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?kdntuid=1&p=158936 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=149394 expires Sun, 10 Oct 2021 15:15:49 GMT date Fri, 08 Oct 2021 21:45:55 GMT vary Accept-Encoding
GET H2	204	index.html cdn.districtm.io/ids/ Frame 302E	0 0	24ms 16ms	Document text/plain	104.16.190.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ Response headers date Fri, 08 Oct 2021 21:45:55 GMT access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 69b28f1c0a26c4bd-DUS
GET H2	200	pd Show response eu-u.openx.net/w/1.0/ Frame 7E70	1006 B 862 B	102ms 24ms	Document text/html	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.10.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash c36bc9bf7737f536d090273fbd09a959cc83ed3c6e279d115866c0fe36e4cb63 Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br cookie i=8357a624-6808-0dda-0aec-49005941b099|1633729552 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.mediafire.com/ Response headers vary Accept, Accept-Encoding set-cookie i=8357a624-6808-0dda-0aec-49005941b099|1633729552; Version=1; Expires=Sat, 08-Oct-2022 21:45:55 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1633729555|mOgeginskin0vNomiygu; Version=1; Expires=Sat, 23-Oct-2021 21:45:55 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.216.4 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 08 Oct 2021 21:45:55 GMT content-type text/html content-length 545 content-encoding gzip via 1.1 google alt-svc clear
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame A511	2 KB 3 KB	85ms 22ms	Script text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31986869&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash bf3773fae8b1c53c7820957cd1391c01c4c92b00d07f3e32a20eb856d00ae153 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:55 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 1CB4	0 580 B	14ms 14ms	Script text/html	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Fri, 08 Oct 2021 21:45:55 GMT X-Proxy-Origin 216.131.111.132; 216.131.111.132; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid b9f2047e-2aea-4fe2-9427-a7fb658f4f96 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CBMbU0qe1MyXGI5	43 B 106 B	23ms 23ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CBMbU0qe1MyXGI5 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Pragma no-cache Date Fri, 08 Oct 2021 21:45:55 GMT Server PingMatch/8a430fa#rel-ec2-master i-0066ec59cc187b8a7@eu-central-1a@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CBMbU0qe1MyXGI5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://x.bidswitch.net/sync?ssp=openx https://x.bidswitch.net/ul_cb/sync?ssp=openx https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=8aeeece7-2636-44de-9bdd-6a82b9161cd6 https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=8aeeece7-2636-44de-9bdd-6a82b9161cd6 https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=1f0e2ad5-74c2-412b-9d42-838ef23a864a&ssp=openx https://us-u.openx.net/w/1.0/sd?id=537072968&val=8aeeece7-2636-44de-9bdd-6a82b9161cd6	43 B 106 B	24ms 24ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072968&val=8aeeece7-2636-44de-9bdd-6a82b9161cd6 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Location //us-u.openx.net/w/1.0/sd?id=537072968&val=8aeeece7-2636-44de-9bdd-6a82b9161cd6 Date Fri, 08 Oct 2021 21:45:56 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6230533385873967778	43 B 122 B	23ms 22ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6230533385873967778 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:55 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Pragma no-cache Date Fri, 08 Oct 2021 21:45:55 GMT X-Proxy-Origin 216.131.111.132; 216.131.111.132; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid f57e77c2-c8e1-488d-a233-4060b5a94fdc Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6230533385873967778 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://match.prod.bidr.io/cookie-sync/ox https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJWENrN0N3WGdBQUJ0ZWN2b3JhZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b... https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIXCk7CwXgAABtecvorag&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3... https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAIXCk7CwXgAABtecvorag&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2... https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAIXCk7CwXgAABtecvorag&pid=558502&do=add https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAIXCk7CwXgAABtecvorag&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part... https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5805941979291769334 https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIXCk7CwXgAABtecvorag	43 B 106 B	28ms 28ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIXCk7CwXgAABtecvorag Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAIXCk7CwXgAABtecvorag Date Fri, 08 Oct 2021 21:45:56 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ef16160-bc13-4000-ba5f-7c52d2c97ca9	43 B 106 B	25ms 25ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ef16160-bc13-4000-ba5f-7c52d2c97ca9 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 08 Oct 2021 21:45:56 GMT Server MT3 3984 0e3af3b master zrh-pixel-x5 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2ef16160-bc13-4000-ba5f-7c52d2c97ca9 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 08 Oct 2021 21:45:55 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=fravKyrkqC9lt6kicb-0I3C2ri5lv_14LLB5c7ER	43 B 106 B	31ms 22ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=fravKyrkqC9lt6kicb-0I3C2ri5lv_14LLB5c7ER Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=fravKyrkqC9lt6kicb-0I3C2ri5lv_14LLB5c7ER cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://c1.adform.net/serving/cookie/match?party=22 https://c1.adform.net/serving/cookie/match?CC=1&party=22 https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6126520652699585216	43 B 106 B	24ms 23ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6126520652699585216 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server nginx location https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6126520652699585216 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	openx match.adsrvr.org/track/cmf/ Frame 7E70	70 B 264 B	106ms 33ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/openx?oxid=50fb997d-c18f-322d-503a-81e83d668364&gdpr=0 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7E70 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2M5NDRhYjctMDhmOC02Yzg5LTQ1ZGEtZGI1MWY3ODQ0ZDA0 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2M5NDRhYjctMDhmOC02Yzg5LTQ1ZGEtZGI1MWY3ODQ0ZDA0&google_tc=	170 B 188 B	67ms 36ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2M5NDRhYjctMDhmOC02Yzg5LTQ1ZGEtZGI1MWY3ODQ0ZDA0&google_tc= Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2M5NDRhYjctMDhmOC02Yzg5LTQ1ZGEtZGI1MWY3ODQ0ZDA0&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 7E70 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMtNRc_3mGeajPP10BQCmnc&google_cver=1	43 B 106 B	26ms 25ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMtNRc_3mGeajPP10BQCmnc&google_cver=1 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.216.4 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google server OXGW/16.216.4 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMtNRc_3mGeajPP10BQCmnc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame 6308 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F	35 B 468 B	21ms 20ms	Document image/gif	37.157.4.25 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority c1.adform.net :scheme https :path /serving/cookie/match?CC=1&party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie C=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Fri, 08 Oct 2021 21:45:56 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie uid=2682932419944806514; expires=Tue, 07 Dec 2021 21:45:56 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains Redirect headers server nginx date Fri, 08 Oct 2021 21:45:56 GMT content-length 0 location https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie C=1; expires=Mon, 08 Nov 2021 21:45:56 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 92A2 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6939795783178692722	42 B 290 B	13ms 12ms	Document image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6939795783178692722 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers :method GET :authority image2.pubmatic.com :scheme https :path /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6939795783178692722 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie KADUSERCOOKIE=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F; chkChromeAb67Sec=1; DPSync3=1634860800%3A197_219_201%7C1633737600%3A174; SyncRTB3=1634860800%3A56_7_8_220_13_161_3_21_54%7C1634947200%3A35; KRTBCOOKIE_153=19420-Hz34Lktv_yoEPP4nEDTjJhE9-SsENKp9TTvX_GQV&KRTB&22979-Hz34Lktv_yoEPP4nEDTjJhE9-SsENKp9TTvX_GQV; PUBMDCID=3; KRTBCOOKIE_57=22776-6230533385873967778; KRTBCOOKIE_27=16735-uid:3b946160-bc13-4c00-b776-b099d667c4de&KRTB&16736-uid:3b946160-bc13-4c00-b776-b099d667c4de&KRTB&23019-uid:3b946160-bc13-4c00-b776-b099d667c4de&KRTB&23114-uid:3b946160-bc13-4c00-b776-b099d667c4de; KRTBCOOKIE_391=22924-2115744692855740021&KRTB&23263-2115744692855740021; PugT=1633729554; SPugT=1633729555 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Fri, 08 Oct 2021 21:45:54 GMT content-type image/gif; charset=utf-8 content-length 42 set-cookie KRTBCOOKIE_336=5844-6939795783178692722; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Nov-2021 21:45:54 GMT; path=/ PugT=1633729554; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Nov-2021 21:45:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 06-Jan-2022 21:45:54 GMT; path=/ x-lat amspug020:0:290 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control no-store, no-cache, private Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6939795783178692722 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame 1AD7	43 B 334 B	43ms 13ms	Document image/gif	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers :method GET :authority dis.criteo.com :scheme https :path /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers date Fri, 08 Oct 2021 21:45:55 GMT content-type image/gif server Kestrel cache-control no-cache pragma no-cache expires Fri, 08 Oct 2021 00:00:00 GMT x-errorlevel 0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 485731
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame A511 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L0cLej-yRg-fdX3Lcizdnw%3D%3D https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L0cLej-yRg-fdX3Lcizdnw%3D%3D&google_tc= https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	14 KB 14 KB	30ms 29ms	Image text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:56 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:03 GMT server Apache/2.2.15 (CentOS) etag "1300708-3945-5c4c7cc02bd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=149393 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5054 expires Sun, 10 Oct 2021 15:15:49 GMT Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=60306160-bc13-4f00-b1b9-bb44945df1cf	0 261 B	88ms 22ms	Image text/plain	185.64.190.81 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=60306160-bc13-4f00-b1b9-bb44945df1cf Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:55 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Fri, 08 Oct 2021 21:45:56 GMT Server MT3 3984 0e3af3b master zrh-pixel-x14 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=60306160-bc13-4f00-b1b9-bb44945df1cf Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 08 Oct 2021 21:45:55 GMT
GET H2	200	mw mwzeom.zeotap.com/ Frame A511 Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=2F470B7A-3FB2-460F-9F75-7DCB722CDD9F https://spl.zeotap.com/?zdid=1332&zcluid=96354ace82708d74 https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f469573-1c03-465a-6f1a-7fb7ca3b63a5&reqId=b519b4a0-4c2c-465c-51c2-783b766ab508&zclui... https://mwzeom.zeotap.com/mw?google_gid=CAESEFpVzFB1HcYtpfw7-QjP4CY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f469573-1c03-465a-6f1a-7fb7ca3b63a5&reqId=b519b4a0-4c2c-465c-51c2-783...	95 B 164 B	47ms 38ms	Image image/png	172.67.13.182 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?google_gid=CAESEFpVzFB1HcYtpfw7-QjP4CY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f469573-1c03-465a-6f1a-7fb7ca3b63a5&reqId=b519b4a0-4c2c-465c-51c2-783b766ab508&zcluid=96354ace82708d74&zdid=1332 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:56 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://ads.pubmatic.com access-control-allow-credentials true cf-ray 69b28f1e6ceec4d6-DUS access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://mwzeom.zeotap.com/mw?google_gid=CAESEFpVzFB1HcYtpfw7-QjP4CY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6f469573-1c03-465a-6f1a-7fb7ca3b63a5&reqId=b519b4a0-4c2c-465c-51c2-783b766ab508&zcluid=96354ace82708d74&zdid=1332 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 469 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkY0NzBCN0EtM0ZCMi00NjBGLTlGNzUtN0RDQjcyMkNERDlG&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkY0NzBCN0EtM0ZCMi00NjBGLTlGNzUtN0RDQjcyMkNERDlG&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 128 B	13ms 13ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:54 GMT cache-control no-store, no-cache, private x-lat amspug012:0:389 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJsPPWyvSxePULTnhyjzuDg&google_cver=1	42 B 364 B	13ms 12ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJsPPWyvSxePULTnhyjzuDg&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:54 GMT cache-control no-store, no-cache, private x-lat amspug011:0:404 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJsPPWyvSxePULTnhyjzuDg&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame A511	43 B 613 B	58ms 12ms	Image image/gif	159.253.128.188 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US), Reverse DNS bc.80.fd9f.ip4.static.sl-reverse.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:56 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Thu, 07 Oct 2021 21:45:56 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc436776-1e44-4992-a2cb-8b95ee513f44	42 B 311 B	14ms 12ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc436776-1e44-4992-a2cb-8b95ee513f44 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:55 GMT cache-control no-store, no-cache, private x-lat amspug013:0:371 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc436776-1e44-4992-a2cb-8b95ee513f44 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2115744692855740021	42 B 313 B	36ms 13ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2115744692855740021 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:54 GMT cache-control no-store, no-cache, private x-lat amspug003:0:615 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT server nginx location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2115744692855740021 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3b946160-bc13-4c00-b776-b099d667c4de&gdpr=0&gdpr_consent=	42 B 359 B	13ms 12ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3b946160-bc13-4c00-b776-b099d667c4de&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:55 GMT cache-control no-store, no-cache, private x-lat amspug006:0:520 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Fri, 08 Oct 2021 21:45:56 GMT Server MT3 3984 0e3af3b master zrh-pixel-x13 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3b946160-bc13-4c00-b776-b099d667c4de&gdpr=0&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 08 Oct 2021 21:45:55 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6230533385873967778&gdpr=0&gdpr_consent=	42 B 367 B	61ms 13ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6230533385873967778&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:54 GMT cache-control no-store, no-cache, private x-lat amspug002:0:406 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Fri, 08 Oct 2021 21:45:56 GMT X-Proxy-Origin 216.131.111.132; 216.131.111.132; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 1e870a29-2130-45d0-a0e2-9236f5632c3b Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6230533385873967778&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame A511 Redirect Chain https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hz34Lktv_yoEPP4nEDTjJhE9-SsENKp9TTvX_GQV	42 B 585 B	68ms 12ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hz34Lktv_yoEPP4nEDTjJhE9-SsENKp9TTvX_GQV Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 08 Oct 2021 21:45:55 GMT cache-control no-store, no-cache, private x-lat amspug004:0:402 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 08 Oct 2021 21:45:56 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hz34Lktv_yoEPP4nEDTjJhE9-SsENKp9TTvX_GQV cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6.adsco.re

URL

https://6.adsco.re/

Domain

4.adsco.re

URL

https://4.adsco.re/