fileforum.com Open in urlscan Pro
108.44.238.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fileforum.com/profile/limittoad8/
Submission: On November 08 via manual (November 8th 2023, 7:40:00 pm UTC) from US — Scanned from CH

Summary HTTP 70 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 70 HTTP transactions. The main IP is 108.44.238.29, located in Leesburg, United States and belongs to UUNET, US. The main domain is fileforum.com.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time fileforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	108.44.238.29 108.44.238.29	701 (UUNET) (UUNET)
11	2606:4700:20:... 2606:4700:20::ac43:4a9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
12	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:26f0:e60... 2a02:26f0:e600::687c:b20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
70	19

1 108.44.238.29 (Leesburg, United States)

ASN701 (UUNET, US)
PTR: phoenix.betanews.com

fileforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:4a9a (United States)

ASN13335 (CLOUDFLARENET, US)

images.betanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:e600::687c:b20 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	374 KB
16	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17389 ad4.adfarm1.adition.com — Cisco Umbrella Rank: 51140 ad2.adfarm1.adition.com — Cisco Umbrella Rank: 48092	60 KB
11	betanews.com images.betanews.com	87 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	47 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	140 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	63 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	60 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	604 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	253 B
1	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 3795	5 KB
1	fileforum.com fileforum.com	3 KB
70	13

	Domain	Requested by
17	pagead2.googlesyndication.com	fileforum.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	imagesrv.adition.com	fileforum.com googleads.g.doubleclick.net imagesrv.adition.com
11	images.betanews.com	fileforum.com images.betanews.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com fileforum.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com fileforum.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
2	ad2.adfarm1.adition.com	ad4.adfarm1.adition.com ad2.adfarm1.adition.com
2	ad4.adfarm1.adition.com	fileforum.com ad4.adfarm1.adition.com
2	www.googletagmanager.com	fileforum.com www.googletagmanager.com
1	code.createjs.com	imagesrv.adition.com
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	fileforum.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gravatar.com	fileforum.com
1	fileforum.com
70	18

This site contains links to these domains. Also see Links.

Domain
betanews.com
fileforum.betanews.com
store.fileforum.com
twitter.com
www.facebook.com
demo.sngine.com

Subject Issuer	Validity	Valid
admin.betanews.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://fileforum.com/profile/limittoad8/
Frame ID: CF1D79BD5B8B5D3CFA6D6DB809E4C42B
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Frame ID: 842AD3706920905A8B44E113A64D0200
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1699472395&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699472395677&bpp=16&bdt=421&idt=272&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7377467222305&frm=20&pv=2&ga_vid=1235627937.1699472396&ga_sid=1699472396&ga_hid=781028500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44801485%2C44807454%2C44807463%2C31078297%2C44806139%2C44808148&oid=2&pvsid=1270744657566567&tmod=979287157&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: 91D578A19A6D6D9D3F61A0055C9064D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&fwrn=4&fwrnh=100&lmt=1699472395&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699472395693&bpp=1&bdt=438&idt=280&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7377467222305&frm=20&pv=1&ga_vid=1235627937.1699472396&ga_sid=1699472396&ga_hid=781028500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44801485%2C44807454%2C44807463%2C31078297%2C44806139%2C44808148&oid=2&pvsid=1270744657566567&tmod=979287157&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dfbkIO0UyQ&p=https%3A//fileforum.com&dtd=283
Frame ID: 8C3AD3FD0A36D79CD81661B29F912632
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1B5DE0C67BF4F82787398E65BFF20E30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNUgDVs-3aaAmPulwB7DxmUjyL2YDmxfUoa4VKYud2u4O3_-qc_rHSzoXv-ipthly-tmRAGQXWEp7RsXoaqQ95PPxsvYNw
Frame ID: 2477F7163B14AA8C201D1B873A91057A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BD287C4EB111D528A415A53E4FE41D32
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD0CBC785D038856E458D82E934578E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68606DA2DDEDD8373AFBED7285540255
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED9D006FC9AF0C1B4E263205767528FE
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: C7D528102B97CDD9046440419CDEAE57
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

limittoad8's Profile | FileForum

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

Page Statistics

70
Requests

97 %
HTTPS

61 %
IPv6

13
Domains

18
Subdomains

19
IPs

4
Countries

841 kB
Transfer

2322 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://betanews.com/
Title: BetaNews

Search URL Search Domain Scan URL

URL: https://fileforum.betanews.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://store.fileforum.com/
Title: Software Store

Search URL Search Domain Scan URL

URL: http://twitter.com/FileForum
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FileForum
Title: Facebook

Search URL Search Domain Scan URL

URL: https://demo.sngine.com/blogs/396333/Fueling-Your-Online-Growth-with-Ecommerce-SEO
Title: https://demo.sngine.com/...owth-with-Ecommerce-SEO

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1

Request Chain 38

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUvkDEBw7gdwwHj3HqBRZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fileforum.com/profile/limittoad8/ 7 KB
3 KB 737ms
205ms Document
text/html 108.44.238.29
UUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://fileforum.com/profile/limittoad8/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.44.238.29 Leesburg, United States, ASN701 (UUNET, US),
Reverse DNS: phoenix.betanews.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3ddef050c86e4649d6dd4c738fa529f2a5ab14d07e16f50fa5ffecce6510f35b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, must-revalidate, pre-check=0, post-check=0
Connection: close
Content-Encoding: gzip
Content-Length: 2417
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Nov 2023 19:39:55 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 08 Nov 2023 19:39:55 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H2 200 reset.css
images.betanews.com/stylesheets/fileforum3/ 886 B
907 B 248ms
51ms Stylesheet
text/css 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/stylesheets/fileforum3/reset.css
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 835
etag: W/"376-553c565bb7500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai8XhF%2FB%2F2jw7kDA0z%2BHdxTIVoSQ1d1itPChKNFESdKpJV5TeBifw3jPkez6WO7jSjAiHAhuabva1NBSLGTTOJwoCZbbacK3IxTFR%2BV4OeLEpmTxyr86tfavT%2BLE3Zzos58ckLVnOfBgSUolCfNC7bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 823048e7ac7c4dbf-FRA

GET
H2 200 main.css
images.betanews.com/stylesheets/fileforum3/ 29 KB
7 KB 249ms
51ms Stylesheet
text/css 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 23:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 835
etag: W/"72a2-554136b4eee40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfJuFN%2Bmxj9CylIp42p2FtMHcq6xJTf8KaGMd%2BzwzyBivt%2FNsXZasGvgL1DLC1Ti05nKCpj51wl%2B2IMiUW3Ji%2FitYjOXwhjNNB7Ki0%2BHWkFNwEPrSGRt4fcS7X4cuYj7fZoEQErcAAapSE0q6jFeUJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 823048e7ac7e4dbf-FRA

GET
H2 200 ffsite.js Show response
images.betanews.com/resources/ 137 KB
49 KB 256ms
59ms Script
application/javascript 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.betanews.com/resources/ffsite.js
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:55:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 835
etag: W/"223e8-553c57b3fe140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZNyOpv06FaE%2BQ1S8Tn4OZVa%2FrmNjV%2Bd4ixyzecXMWpSjQWSjFdbOw0gXdtFFhm%2BimUmXD1gKr%2BOomklY%2Bxn5UTwDowVqYalFuCuD4T7AijVgPtf5evxyhAeV22tPFAlD%2FUiw2brrOxmSU6Ub7d9xkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 823048e7ac824dbf-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 125ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f69f77c0a1f23a7910ac5a348efac89fa905db86751fe119111ecf49bb30be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Origin: https://fileforum.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52720
x-xss-protection: 0
server: cafe
etag: 9017706471075697107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:39:55 GMT

GET
H2 200 48a801b509b30b5d1e946e986716bcc2
www.gravatar.com/avatar/ 4 KB
5 KB 210ms
154ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/48a801b509b30b5d1e946e986716bcc2?s=128
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5916e0b240cb97c609bce4253569ab210ddd5f3569b61d2c6ed8efe310844dc8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Wed, 08 Nov 2023 19:39:55 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="48a801b509b30b5d1e946e986716bcc2.jpg"
accept-ranges: bytes
link: <https://gravatar.com/avatar/48a801b509b30b5d1e946e986716bcc2?s=128>; rel="canonical"
content-length: 4268
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 19:44:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 100ms
40ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

605ff8b94000a08f220e5bf9c4994d3bea1baacd49ad805252a4face2d004287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61163
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 19:39:55 GMT

GET
H2 200 navbar_active_gray.png
images.betanews.com/fileforum3/header/ 1006 B
1 KB 55ms
54ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/navbar_active_gray.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 23:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 648
etag: "3ee-5541315c69180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FOp0VFRG%2Fn6Bb0GBh4wGQ1e1uqF4SUjvAcQvWp3KONxd0%2BTfQB9PzSUAirY1VVmMF7lpN3uafsrb%2BLNPiuKRCpYaJ8DDwl8j4c1f%2BiuixjEKNbOztC0Dj0ajiKZIy%2Fy9rrkykq5s%2FXDTc9BRZb24jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d394dbf-FRA
content-length: 1006

GET
H2 200 ff_logo_gray.png
images.betanews.com/fileforum3/header/ 1 KB
2 KB 47ms
46ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/ff_logo_gray.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 23:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6866
etag: "563-5541315c69180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKSQvwWPa2Ca9qjcXpXXd6tFRbheAIjJFNqnD7hzvixAnfiLTaBLv15TTmvzqepq84KXEJzkZRaTKztAy66MAkg3zUUw5kSQoe3PgcnzDPgn81dT3U8vVIIuyRfqoec8qJ0fs3mIeSt5bqYC9Id4ywk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d3c4dbf-FRA
content-length: 1379

GET
H2 200 ff_logo.png
images.betanews.com/fileforum3/header/ 4 KB
4 KB 49ms
48ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/ff_logo.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 647
etag: "f28-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60c%2B2ISztKnBVaoA3pPnIQb%2BMw%2F%2BnPvTF9GU3HGMJUIVVHobo0yWgthx8x0OMCD2BD7DnX6mbhkXFclNu0YOg%2BOsrmmHuulCxlZkEkYXhpNLLfQLt1%2BUGQgz1qQRZIDtH6oKVwqRhyT%2Bh3f%2F24OaAew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d3d4dbf-FRA
content-length: 3880

GET
H2 200 buttons.png
images.betanews.com/fileforum3/buttons/ 12 KB
12 KB 43ms
43ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/buttons/buttons.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 646
etag: "2ea3-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPrys0n4fEzgG6%2F8IpYGvXFdlVjDRi7%2FL%2BamtkcqIjtrhdSOklJX7Wi5x1%2BS0cmJXaZJ1P4EKMgroBXpq%2FK%2F6SC3%2FIICe3sMI5NEIIDAt5xdWRxmH4lRiJIBc8%2BrwZKfRdDM6m3UrS4MuNCY95k5w0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d3f4dbf-FRA
content-length: 11939

GET
H2 200 socialmedia_icons.png
images.betanews.com/fileforum3/ 5 KB
5 KB 44ms
43ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/socialmedia_icons.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 646
etag: "123b-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX3dAopl3NqEMr%2Fq3EOPKPOeVUg%2FICsQa4d9Z12WZyOqPTVLay4RRWLt2E9mUszAzUIuUjsw%2FNSPnFq6pzso3xKLndmSJNK6rXwbzvoHSSR%2FndTqd0Y%2BiFini2iiOxXuHTGR5v%2FvFMlxpXdSM73rbJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d414dbf-FRA
content-length: 4667

GET
H2 200 navbar_active.png
images.betanews.com/fileforum3/header/ 192 B
644 B 45ms
45ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/header/navbar_active.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 645
etag: "c0-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hRB6ll0advJGxIrant6kChrKOZj1vAjBZQZmdYPOI%2FVuhh61vClIocXeWiK5JWnhB8ojSNM8XUPQu93FVhOgpb9gFYo22mFaNh5TMmEjFyUEKYEyuEtHa8aSjkGPU42FQvd9o2Nd4nryEk7CZjBE9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d424dbf-FRA
content-length: 192

GET
H2 200 bgs.png
images.betanews.com/fileforum3/ 4 KB
4 KB 43ms
43ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/bgs.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 647
etag: "ec9-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIcswldWdgd6t6P8%2BXWDCo2cq8Vo04RUljOAR26cFToyrRJ9FaD7qnO9Y9ktcsDrifME7NmrXu0lvuodKWxGLeZM2FKCKdJxGy%2BPSC1AAS4FtzHo1Fspnskv9zDVJgyt9P%2BlHMhH7uPBosIHS3YTE%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d434dbf-FRA
content-length: 3785

GET
H2 200 icons2.png
images.betanews.com/fileforum3/icons/ 2 KB
2 KB 51ms
51ms Image
image/png 2606:4700:20::ac43:4a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.betanews.com/fileforum3/icons/icons2.png
Requested by: Host: images.betanews.com
URL: https://images.betanews.com/stylesheets/fileforum3/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://images.betanews.com/stylesheets/fileforum3/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Jul 2017 02:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 646
etag: "892-553c565bb7500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAEXpfUyPsZAVCpGZV1Q6YbDA1d0CCCw7s5qk2nXr2mMG8c%2FYQJHAy%2FEd6mUKRWmIM6IvR6q7R%2B1cknhhxKwVm8N0wSEgsaxsDEAA4%2FOBILuvSpBw66toFqQ3ofm6ZAf2QJvUcMKbLg%2BZe4hhYy3fcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 823048e82d484dbf-FRA
content-length: 2194

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 157ms
114ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62c8cbe4f09297e5258b5e791dcec63a896556b0835f68474b3031ea1062e655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138448
x-xss-protection: 0
server: cafe
etag: 18027268981834546407
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:39:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 842A 10 KB
5 KB 71ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6676241418785266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 68479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 00:38:36 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 00:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHTWSXS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87391d2ee51716bf33aed0b2b515033866a6ab16ddf3712dfbc82c6e6572b30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 19:39:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 107ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H9SLV28721&gtm=45je3b60v9110113147z89119310666&_p=1699472395532&gcd=11l1l1l1l1&dma=0&cid=1235627937.1699472396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699472395&sct=1&seg=0&dl=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&dt=limittoad8%27s%20Profile%20%7C%20FileForum&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1303
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9SLV28721&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fileforum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
604 B 82ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fileforum.com&callback=_gfp_s_&client=ca-pub-6676241418785266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed80ffdd5f0f687b2c5deb49162d1c19e2ba9fcba5f130bffd0f0853a759d04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91D5 48 KB
17 KB 583ms
582ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1699472395&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699472395677&bpp=16&bdt=421&idt=272&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7377467222305&frm=20&pv=2&ga_vid=1235627937.1699472396&ga_sid=1699472396&ga_hid=781028500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44801485%2C44807454%2C44807463%2C31078297%2C44806139%2C44808148&oid=2&pvsid=1270744657566567&tmod=979287157&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7c94053a53a49905f28e73feb467bb8404863df6209d1ed3481bcbad273f87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16827
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 19:39:56 GMT
expires: Wed, 08 Nov 2023 19:39:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C3A 721 B
574 B 551ms
551ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3368998127&adf=2550651363&pi=t.aa~a.3269266735~rp.4&w=659&fwrn=4&fwrnh=100&lmt=1699472395&rafmt=1&to=qs&pwprc=8797158495&format=659x280&url=https%3A%2F%2Ffileforum.com%2Fprofile%2Flimittoad8%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699472395693&bpp=1&bdt=438&idt=280&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7377467222305&frm=20&pv=1&ga_vid=1235627937.1699472396&ga_sid=1699472396&ga_hid=781028500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44801485%2C44807454%2C44807463%2C31078297%2C44806139%2C44808148&oid=2&pvsid=1270744657566567&tmod=979287157&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=dfbkIO0UyQ&p=https%3A//fileforum.com&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b4cdcf6af9ce83815c1833e7e92d9931d0ff301d8ee18e674174bb287c160dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 19:39:56 GMT
expires: Wed, 08 Nov 2023 19:39:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b09c6bbbc315b2605f546f3738f4100237418285d218ca3f07dbd35182d8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12181
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cce5bec418d49e66720b68cb29ade9f49a4c36001f59161ffbc313c4a934d1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55825
x-xss-protection: 0
server: cafe
etag: 611460040061661584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:39:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 122ms
71ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 19:39:56 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 1B5D 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 30414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 11:13:02 GMT
etag: 251720774729838433
expires: Wed, 22 Nov 2023 11:13:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2477 478 B
199 B 66ms
65ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNUgDVs-3aaAmPulwB7DxmUjyL2YDmxfUoa4VKYud2u4O3_-qc_rHSzoXv-ipthly-tmRAGQXWEp7RsXoaqQ95PPxsvYNw

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 19:39:56 GMT
expires: Wed, 08 Nov 2023 19:39:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BD28 89 KB
31 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:39:56 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame BD28 32 KB
8 KB 99ms
28ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame BD28 3 KB
2 KB 101ms
30ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4787112&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C3oAUDORLZZe_CM-U7OsPk6i-6AHJgf_6c_H_nLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk_QfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd-g8b4nxXYulQFkEnMvKciQMHh07qum1KYG56-CFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG-t-xrViw1HBUCQHO6iBYkN_HFl9pUWOlxym1Be0jMwWUf_4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha_1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r_Wnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv-5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4_DBOAEA4gFno2Ag02QBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE&num=1&cid=CAQSTgDICaaNBKGP_wG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax-1TFfwC399LD24qs_HkjeuQbbp1_phHH7T8VBgB&sig=AOD64_20ulvxJADJfFcytA5Dz6gfxLRTew&client=ca-pub-6676241418785266&dbm_c=AKAmf-D6OUZ-EyPXF9_wq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1_ewvxYsx38B_BguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8&cry=1&dbm_d=AKAmf-Aml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz-y1_zM-aOgeuHkLb3LPZ6WCazcwtf_astgjPWMJ4JNHHgwDArI5AfgN_rtFSAeSO_0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa_rk4mQdpTqBaEN-lCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx_7bo_zxX7QLtWfTpd_dyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy-a0oj-KmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu-vvPBqKyp3RfCsPs98kHj-cjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp-MGDYBjAeLSj8XFzUAeaXUP&adurl=
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 166a209acbde6e54cdb515c7ca4fb7dc67a1c54e725e3b45a17df3c03b73d8df

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Wed, 08 Nov 2023 20:39:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BD28 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:55:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BD28 20 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:02:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD28 190 KB
60 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:39:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM8nTv1o_b5k_jbUlYmRt3OUMnaFBEdYCNjn2jfYPjbtUWeW9pSjvSEf4hSyXNxIeIFg0QJT7HdXlSH4yeLId8-rwTIzxYKfL3dMiVnB1VEn6VRdU

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10160303466892428939&x=1&ct=77

Requested by

Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD0C 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 4443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 18:25:53 GMT
expires: Thu, 07 Nov 2024 18:25:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6860 829 B
1 KB 85ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c87e6cfa96f6c410884a070a7522dc93004151c48636dd9e385b755892898729

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SO9ZA5BcGBapvey60tKXUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fileforum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SO9ZA5BcGBapvey60tKXUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 19:39:56 GMT
expires: Wed, 08 Nov 2023 19:39:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 2477 170 B
244 B 96ms
35ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNUgDVs-3aaAmPulwB7DxmUjyL2YDmxfUoa4VKYud2u4O3_-qc_rHSzoXv-ipthly-tmRAGQXWEp7RsXoaqQ95PPxsvYNw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2477
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1

43 B
335 B

43ms
42ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNUgDVs-3aaAmPulwB7DxmUjyL2YDmxfUoa4VKYud2u4O3_-qc_rHSzoXv-ipthly-tmRAGQXWEp7RsXoaqQ95PPxsvYNw
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3COfYvfqLSyacIite7MbEyD8aGIvjya7cm3CQ17qfrD9r74C666oHiDfLB0QZn7aetgh8dC0f6YCDb8f0czUVfMK6KiWa6RtzK%2BGjOVLG1CqhU5LZ6pnR5sOLInkdly2%2FELDtX15gyeMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823048f09cba9bc5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2477
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUvkDEBw7gdwwHj3HqBRZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1

43 B
779 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDGku0CGPOm49wBMAE&v=APEucNUgDVs-3aaAmPulwB7DxmUjyL2YDmxfUoa4VKYud2u4O3_-qc_rHSzoXv-ipthly-tmRAGQXWEp7RsXoaqQ95PPxsvYNw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5QSHU%2F99IQgloXFI81Dx%2FWZ2ZIN8h9wS9UyghhBtvP1WjmpJiD6%2Fh8Qh3Pzmq9q%2FGNIC459vSdE7FPX%2FbP6AcEjuM3QlyZEEvofhRBZvG0MZCmnqm1F4sOET2N6O%2Bqi8XCJWCLVMPIqLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823048f11fb91e1c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIZI2DbRPJCdJ66Xuzxp8fA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5435903913288&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5435903913288&version=m202309260101&ct=77&x=1&cor=10160303466892430000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BD28 34 KB
19 KB 316ms
315ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7XBP4e9hoO0MmuRYFbAuXTRa3DihVf8bRDVT3MmcyIA-uYevCjCZyjhr-DYgfm8JDUmWA5lkz6ylSReEp12ePTQV4hlmiUkANkjePRak9I4zB8TzshQe9cE5qSKi5b_CCDE2J7uZPfSzqAbSNDH2Qyym_oIppnbool0YLgl_vy3qgn6o&cry=1&dbm_d=AKAmf-Aq7EDJRy2H9ukqJ-HpcWCk7V_tANbnQqoE-2mL8VpG3aWzBq782ULpDjRfpSgtiymlgv2LdTUjr_LHdIUBJJP3523A8AfB9jGKrrN7AiYaUS_x2uK2EjegjPqVKhMoczqBaYHneazwiLdPyPmrfCWzl1c_cIbAr4ExFbEuoZw2AHBcJ0JB88sf4YdvSkFfCG1RwNt36sbjLdsE9rxmmn6h3fPNjpDZYWAPcyIo_drMDi5idZK5os9z-ezcy6DLzIcukoewGIQQqgkPdDaextI1eyFQguoYWlFQeoucSZhocmoO9KswDZdThmwtihNKuAoq74_1WY_t48S4AOvyHUl3ZrUiUhfI2iTZKb2OEB7rZAf-mogbErIwZxspXhEYk8BkIZU4zwcgwaFgUI6KwwX3BFzM3AugwpD1EQpBKt1bx6lKqOhSR8SJ_kPxcMPDJ_k_6PGmN-8lNmWn1O9mE5soWmdwT_upQynBLQ_S7y985XZkg8A1fQBvcnZmaD6cv32-UTkwj7YIm2Pkk8B1dOP0yA0aeV_Ghk7ta9ZDBfhRYeK2hBj2jmEMqpEJoo0XcajIzUI1SKw8VUOUVfqPp4fTP2PdsfOLrEio9Q-2nAFp_QZo5iCERwN_bC2cTbZ6Ww1nPrpMEKn4MGe_bpST1BwHTwl0_m3vHnUS5QD2SwbJI5RIs1kSC86aNOPu8ArWEwT25RB_QFX7QaCzM2Lx2BnHosvHldjWgU0ZCdTMQTFJrB_qP2R-keM2GgjAKVbFf8UB-AeAMjBkMUg-fLYCF4mOxpvx6X4qd48Ooe_Yijz0hntLlUe1Vz0SEF8a6NJdNBhmCNMWFKH3WmyqSFa_7SQcusKMGiOtfeHOyR-eU3RW-65QfPLxMITw2eZ7LY7rXus_53ZPFdL9B2rpyTmw2vl4fb5Vl5epKjaFOy_rcF1EFHHfyLeB4nKzjhjI8IRVcMZJm18u660Bb-yyIWAQMS8ZoY3n0uDXit7eT84JzDPkbSk6y0-Uzu_SFAoPV2X7qkb1DWjHZN72W_JiNUH9T78NdUAr40VDjpdR2EpSum62DdyRFw_sxyg_C1nGWiRNcg1_U1f4DL9CqP0pmqmWcqcSbtKDaDSxvhzHKWZrUE4kqRTWRWoghNkCAjMjFLimHa-t6U7drVjf14LdhigHo_aLdWFt2FpZ21PSEOts-D91BRotQZRCJqEVuqsj8XwKLUDtfwzvCABpw1SEQiAwFZa8H5qg1pDSOeptJj-nsw7lMc7SrxVpM9mB837IT45ZLIs9BYS0yeHmJQLmixyAKtFuvgtdBsPZee8VOPCpk4J88HpclEgeFg6CtMY8OGMeMdtBXxX-wc6i_isJd7plfE5yzuztTvQzDtg-Luh58pNEqB1ZUEBVFhrZ7vplKsoU1Jd0cG2LaVcoZRqnInkfOR3YsNMoB8y3zevKYdLKHxiOyY2PTc2THtxGauB-gMngaBWT_8Z6EHvWj3BYKu2YgnrsNzB35aKU2F3vpODvy7Av63VL6ckgv_xuCWnnoRDF-W9JpXOIyCeQP2ZK0seRG8cgqQiCZ0DjBRNFDS2AQz-wv24sgJdJa37U_wuqdMbna6-M7ZzoiV2ZwfNKApId7kIWm0vWDEagdkf00wbTUmvpAeZ-r_UTrMrJqRGr_Hf3TVdEuW0K0QwOo_SoFuk82uha8lzwocgQVXTnGTp4jzioUYJP2I128JbVP6wskkUd4NHVSfIZKhpH5g8db20keJLko8rzHJJLo7lfxWj8RIf89Jl1JBVFTvygXhH190lNH7xSvRlQmM_CKK7RrncxydPxvD7T-lRrjytVgzJUXLYc4Ouzj4jltCV72Kg8ikpNlhEbqEO8vrH05sa-XOMIrrdc--0Y-wjkvFY4lFZhy9eAWsJScMikBHLO2FmgsPlT-wAwNGuJI8WmIVkpF6UQvHCoD_BdIQXDwmO9ydilbWfmCLSD1V2o5x4eNZ-31KkWdLPD5AEOOcsUmRrP0ZyshnMYL4irNlr5EfwkqWQwmzxWH_rwWZwWgQSyw0KH6GeGAQBuPBx6rUaIStYhgz4I-lZ401ddncrds7KMcL9l2PnTuylS7LD4dGc8WXYxNHgK32N8LF5yLgxx2BH4gOCLoU-AJtm_FbdVd0OSGaH9QbXLZ3Vn43PJsuHvr4n_73dq036s4bDTug8UAyFf5tkUbxQhsnLCF2x2vegoCCbaaHlXlJyty5nZ3EmNGFTFrTo_WNDA5jI6q3dK81B1oICuS3xn29hFj6Krh7O_6dVfOizoiMad26RiieamZYWS4A0HQKWDjB9xCyxNLeguLjiP8npKi8YizC4gyvikH3Vw-neCIT4BsOsakYemV4c87oO_GKBqNB57iB14wz2FuRLC7E9dsIRizuNQ2YzVidOew1AxlrpYTzJedEgbL8UdHG5wmUa1NMB71u_MC7ZFpFPpKqFh_Q9YO8UhqrWt8gyEi4oVXaVQpcQ9DFteYo4VH_KRN7_xQMG8NwnA7Xw1K6IsaoNpzTYcx0WVGReFeAJUj3Hug0OwvLDkSDsG9bMBCQpe8WwOc7FV3kr6JbF704UxOxFrJoa0BAFLotiot5KOM9W_p5ZAuFxLa9Iox_B9gWhVTh0o2yJUB1eMQYOoXR4_wmBz2vkwmZkWBMQINhp5rd58InE75WarwCY9rT4jHVKKu9UPdwjmsoYPNorrtBpQfm4Gz6K1CqY8jvAFbsN7xt4kYPdYt5DzaQLYogEx8BM0qq9LT9zwbcAbTg-5IdftFtgSG9Y577TJoypHXEj6_2EJqvyuUbKPwRr8h2oJzPtN_8qjdWIAlDcTWENh8qiQdn3ttpmLLLyyMgLBXdI2-qXpIiWzzm1aZ6GgokLcyZzwC6ukZoLbgC4qcc3oSdlaztrzniaft9lRrZtOoB5XHe68fmu9JK6tp1lr-h0-12NpBXydmElIbSJqQYMcpAJnLqu8KbBCbUpgMV8j_t6cZXN49hHDDHFdhyG4_8Jp-66yrVkUt7nfkx5eVVhCQAHiON8n-K_GZX0BzKWZyrwyGV-rupbayMaGPaitGwomrZJ0U0ymuqqgSsOB7sTG8g2fnjVsiU6cJvt32whvUOAB0Kw0F4QWaEvD7_9dK8u6DCBl3Emk56f2GRkKFDxHaBJFW9FlhHlbvcWB9Hmas8Lq7p0MMdoDr8vqMqTaYyOjiFoFOuQAXfXIroXVX6QKQG30smsN6yQbo4xR1fFBGm76-sV7dPYqUMu9dQIKF5KgwgQKv60jQfajOfw_o-Vn7yj3HCKgavDD3AURmORoi0VRRzqENxekCU8l-KbpBNLoNIWvIDrzFcFPHNSYGrbcyCJVmSPBRyQYwPbHNqPEXn-GFl-D9x8oOnUaBOF6NzDTvzKQXYGzbghFTLdamybEvnpDA-BQF2JsG0MWBafP3wqVtW9WrMyI3qIwdQ2a1WEhvEegygCcdI2eAVG_Z4jabIn9tAc70jownMgbG2Oew2CVVDNARYCYMQH7wEV3DHb09uewzDD4_qAJ7gKEO_0VEGSBvlaJggovrC1f0rZIyjHCTXSADnX1WOMzj2d5qi2TwaW1ZFKhj5fczHy7qRg-S6CTC9JiTkc7-15-KvE4zTQ30JEuPuG6gtZAnunU0qBVEaRZ7myTuZ3RVKUy4D447CbC-jB3WOuutbLgVhuJZcVwooEflK9LOKA&cid=CAQSTgDICaaNBKGP_wG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax-1TFfwC399LD24qs_HkjeuQbbp1_phHH7T8VBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffileforum.com%2F&ds=l&xdt=1&iif=1&cor=10160303466892430000&adk=497053795&idt=76&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf53f2156589ab61d24698ecf925bbdbf2fccb615b69cacdc290938305349a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame FD0C 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 17:46:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6860 0
0 55ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=1270744657566567&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD0C 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rfX2Fw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame BD28 31 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7XBP4e9hoO0MmuRYFbAuXTRa3DihVf8bRDVT3MmcyIA-uYevCjCZyjhr-DYgfm8JDUmWA5lkz6ylSReEp12ePTQV4hlmiUkANkjePRak9I4zB8TzshQe9cE5qSKi5b_CCDE2J7uZPfSzqAbSNDH2Qyym_oIppnbool0YLgl_vy3qgn6o&cry=1&dbm_d=AKAmf-Aq7EDJRy2H9ukqJ-HpcWCk7V_tANbnQqoE-2mL8VpG3aWzBq782ULpDjRfpSgtiymlgv2LdTUjr_LHdIUBJJP3523A8AfB9jGKrrN7AiYaUS_x2uK2EjegjPqVKhMoczqBaYHneazwiLdPyPmrfCWzl1c_cIbAr4ExFbEuoZw2AHBcJ0JB88sf4YdvSkFfCG1RwNt36sbjLdsE9rxmmn6h3fPNjpDZYWAPcyIo_drMDi5idZK5os9z-ezcy6DLzIcukoewGIQQqgkPdDaextI1eyFQguoYWlFQeoucSZhocmoO9KswDZdThmwtihNKuAoq74_1WY_t48S4AOvyHUl3ZrUiUhfI2iTZKb2OEB7rZAf-mogbErIwZxspXhEYk8BkIZU4zwcgwaFgUI6KwwX3BFzM3AugwpD1EQpBKt1bx6lKqOhSR8SJ_kPxcMPDJ_k_6PGmN-8lNmWn1O9mE5soWmdwT_upQynBLQ_S7y985XZkg8A1fQBvcnZmaD6cv32-UTkwj7YIm2Pkk8B1dOP0yA0aeV_Ghk7ta9ZDBfhRYeK2hBj2jmEMqpEJoo0XcajIzUI1SKw8VUOUVfqPp4fTP2PdsfOLrEio9Q-2nAFp_QZo5iCERwN_bC2cTbZ6Ww1nPrpMEKn4MGe_bpST1BwHTwl0_m3vHnUS5QD2SwbJI5RIs1kSC86aNOPu8ArWEwT25RB_QFX7QaCzM2Lx2BnHosvHldjWgU0ZCdTMQTFJrB_qP2R-keM2GgjAKVbFf8UB-AeAMjBkMUg-fLYCF4mOxpvx6X4qd48Ooe_Yijz0hntLlUe1Vz0SEF8a6NJdNBhmCNMWFKH3WmyqSFa_7SQcusKMGiOtfeHOyR-eU3RW-65QfPLxMITw2eZ7LY7rXus_53ZPFdL9B2rpyTmw2vl4fb5Vl5epKjaFOy_rcF1EFHHfyLeB4nKzjhjI8IRVcMZJm18u660Bb-yyIWAQMS8ZoY3n0uDXit7eT84JzDPkbSk6y0-Uzu_SFAoPV2X7qkb1DWjHZN72W_JiNUH9T78NdUAr40VDjpdR2EpSum62DdyRFw_sxyg_C1nGWiRNcg1_U1f4DL9CqP0pmqmWcqcSbtKDaDSxvhzHKWZrUE4kqRTWRWoghNkCAjMjFLimHa-t6U7drVjf14LdhigHo_aLdWFt2FpZ21PSEOts-D91BRotQZRCJqEVuqsj8XwKLUDtfwzvCABpw1SEQiAwFZa8H5qg1pDSOeptJj-nsw7lMc7SrxVpM9mB837IT45ZLIs9BYS0yeHmJQLmixyAKtFuvgtdBsPZee8VOPCpk4J88HpclEgeFg6CtMY8OGMeMdtBXxX-wc6i_isJd7plfE5yzuztTvQzDtg-Luh58pNEqB1ZUEBVFhrZ7vplKsoU1Jd0cG2LaVcoZRqnInkfOR3YsNMoB8y3zevKYdLKHxiOyY2PTc2THtxGauB-gMngaBWT_8Z6EHvWj3BYKu2YgnrsNzB35aKU2F3vpODvy7Av63VL6ckgv_xuCWnnoRDF-W9JpXOIyCeQP2ZK0seRG8cgqQiCZ0DjBRNFDS2AQz-wv24sgJdJa37U_wuqdMbna6-M7ZzoiV2ZwfNKApId7kIWm0vWDEagdkf00wbTUmvpAeZ-r_UTrMrJqRGr_Hf3TVdEuW0K0QwOo_SoFuk82uha8lzwocgQVXTnGTp4jzioUYJP2I128JbVP6wskkUd4NHVSfIZKhpH5g8db20keJLko8rzHJJLo7lfxWj8RIf89Jl1JBVFTvygXhH190lNH7xSvRlQmM_CKK7RrncxydPxvD7T-lRrjytVgzJUXLYc4Ouzj4jltCV72Kg8ikpNlhEbqEO8vrH05sa-XOMIrrdc--0Y-wjkvFY4lFZhy9eAWsJScMikBHLO2FmgsPlT-wAwNGuJI8WmIVkpF6UQvHCoD_BdIQXDwmO9ydilbWfmCLSD1V2o5x4eNZ-31KkWdLPD5AEOOcsUmRrP0ZyshnMYL4irNlr5EfwkqWQwmzxWH_rwWZwWgQSyw0KH6GeGAQBuPBx6rUaIStYhgz4I-lZ401ddncrds7KMcL9l2PnTuylS7LD4dGc8WXYxNHgK32N8LF5yLgxx2BH4gOCLoU-AJtm_FbdVd0OSGaH9QbXLZ3Vn43PJsuHvr4n_73dq036s4bDTug8UAyFf5tkUbxQhsnLCF2x2vegoCCbaaHlXlJyty5nZ3EmNGFTFrTo_WNDA5jI6q3dK81B1oICuS3xn29hFj6Krh7O_6dVfOizoiMad26RiieamZYWS4A0HQKWDjB9xCyxNLeguLjiP8npKi8YizC4gyvikH3Vw-neCIT4BsOsakYemV4c87oO_GKBqNB57iB14wz2FuRLC7E9dsIRizuNQ2YzVidOew1AxlrpYTzJedEgbL8UdHG5wmUa1NMB71u_MC7ZFpFPpKqFh_Q9YO8UhqrWt8gyEi4oVXaVQpcQ9DFteYo4VH_KRN7_xQMG8NwnA7Xw1K6IsaoNpzTYcx0WVGReFeAJUj3Hug0OwvLDkSDsG9bMBCQpe8WwOc7FV3kr6JbF704UxOxFrJoa0BAFLotiot5KOM9W_p5ZAuFxLa9Iox_B9gWhVTh0o2yJUB1eMQYOoXR4_wmBz2vkwmZkWBMQINhp5rd58InE75WarwCY9rT4jHVKKu9UPdwjmsoYPNorrtBpQfm4Gz6K1CqY8jvAFbsN7xt4kYPdYt5DzaQLYogEx8BM0qq9LT9zwbcAbTg-5IdftFtgSG9Y577TJoypHXEj6_2EJqvyuUbKPwRr8h2oJzPtN_8qjdWIAlDcTWENh8qiQdn3ttpmLLLyyMgLBXdI2-qXpIiWzzm1aZ6GgokLcyZzwC6ukZoLbgC4qcc3oSdlaztrzniaft9lRrZtOoB5XHe68fmu9JK6tp1lr-h0-12NpBXydmElIbSJqQYMcpAJnLqu8KbBCbUpgMV8j_t6cZXN49hHDDHFdhyG4_8Jp-66yrVkUt7nfkx5eVVhCQAHiON8n-K_GZX0BzKWZyrwyGV-rupbayMaGPaitGwomrZJ0U0ymuqqgSsOB7sTG8g2fnjVsiU6cJvt32whvUOAB0Kw0F4QWaEvD7_9dK8u6DCBl3Emk56f2GRkKFDxHaBJFW9FlhHlbvcWB9Hmas8Lq7p0MMdoDr8vqMqTaYyOjiFoFOuQAXfXIroXVX6QKQG30smsN6yQbo4xR1fFBGm76-sV7dPYqUMu9dQIKF5KgwgQKv60jQfajOfw_o-Vn7yj3HCKgavDD3AURmORoi0VRRzqENxekCU8l-KbpBNLoNIWvIDrzFcFPHNSYGrbcyCJVmSPBRyQYwPbHNqPEXn-GFl-D9x8oOnUaBOF6NzDTvzKQXYGzbghFTLdamybEvnpDA-BQF2JsG0MWBafP3wqVtW9WrMyI3qIwdQ2a1WEhvEegygCcdI2eAVG_Z4jabIn9tAc70jownMgbG2Oew2CVVDNARYCYMQH7wEV3DHb09uewzDD4_qAJ7gKEO_0VEGSBvlaJggovrC1f0rZIyjHCTXSADnX1WOMzj2d5qi2TwaW1ZFKhj5fczHy7qRg-S6CTC9JiTkc7-15-KvE4zTQ30JEuPuG6gtZAnunU0qBVEaRZ7myTuZ3RVKUy4D447CbC-jB3WOuutbLgVhuJZcVwooEflK9LOKA&cid=CAQSTgDICaaNBKGP_wG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax-1TFfwC399LD24qs_HkjeuQbbp1_phHH7T8VBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffileforum.com%2F&ds=l&xdt=1&iif=1&cor=10160303466892430000&adk=497053795&idt=76&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 20:06:11 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BD28 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 06:26:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTQ3MjM5NjgzMjczMAogIHNlcnZlcl9pcDogMTM0MDU1ODQyCiAgcHJvY2Vzc19pZDogMzU5MDc0NjAzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5OTE5NjYy...
ad.doubleclick.net/ddm/activity/ Frame BD28 0
853 B 126ms
61ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTQ3MjM5NjgzMjczMAogIHNlcnZlcl9pcDogMTM0MDU1ODQyCiAgcHJvY2Vzc19pZDogMzU5MDc0NjAzNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5OTE5NjYyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9tdWVsbGVyLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE0NjYwODgwNDg0MTY0NTg2NTg1CmRlYnVnX2tleTogMjkwMTczNDc4MjM0MDMzNzcyOQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMDgiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5OTE5NjYyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzU1MjAwODUxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1OTgyNTM0CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNjc1ODIzMjYyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDYzMDAwNDM1CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL211ZWxsZXIuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9tdWVsbGVyLmF0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vbXVlbGxlci5jaCIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5feb0897e29097c10000000000000000","13":"0x75d1585bc19441c90000000000000000","14":"0x5d8f167bec79b6930000000000000000","15":"0xeb62dc2990a71e940000000000000000"},"debug_key":"2901734782340337729","debug_reporting":true,"destination":"https://mueller.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9919662"]},"priority":"0","source_event_id":"14660880484164586585"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame BD28 6 KB
3 KB 33ms
33ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4787112&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-6676241418785266%26fa%3D1%26ifi%3D3%26uci%3Da%213%26xpc%3DGS8TsXTkFX%26p%3Dhttps%253A//fileforum.com&ro=https%3A//googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html%3Ffsb%3D1&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1515576950&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787112&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C3oAUDORLZZe_CM-U7OsPk6i-6AHJgf_6c_H_nLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk_QfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd-g8b4nxXYulQFkEnMvKciQMHh07qum1KYG56-CFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG-t-xrViw1HBUCQHO6iBYkN_HFl9pUWOlxym1Be0jMwWUf_4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha_1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r_Wnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv-5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4_DBOAEA4gFno2Ag02QBgGgBk2AB_DrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE&num=1&cid=CAQSTgDICaaNBKGP_wG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax-1TFfwC399LD24qs_HkjeuQbbp1_phHH7T8VBgB&sig=AOD64_20ulvxJADJfFcytA5Dz6gfxLRTew&client=ca-pub-6676241418785266&dbm_c=AKAmf-D6OUZ-EyPXF9_wq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1_ewvxYsx38B_BguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8&cry=1&dbm_d=AKAmf-Aml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz-y1_zM-aOgeuHkLb3LPZ6WCazcwtf_astgjPWMJ4JNHHgwDArI5AfgN_rtFSAeSO_0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa_rk4mQdpTqBaEN-lCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx_7bo_zxX7QLtWfTpd_dyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy-a0oj-KmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu-vvPBqKyp3RfCsPs98kHj-cjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp-MGDYBjAeLSj8XFzUAeaXUP&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 2b903bf843c553f3bca4f1fe7fa9fbaa3198f4276fd07f509239543963223997

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 20:39:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ED9D 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 06:26:22 GMT
expires: Tue, 05 Nov 2024 06:26:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
ad2.adfarm1.adition.com/ Frame BD28 3 KB
3 KB 91ms
28ms Script
application/x-javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/js?wp_id=4389191&gdpr=0&gdpr_consent=&ts=7299178365571632138&kid=5609187&keyword=PACS_4787112_17068014&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787112&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-6676241418785266%26fa%3D1%26ifi%3D3%26uci%3Da%213%26xpc%3DGS8TsXTkFX%26p%3Dhttps%253A//fileforum.com&ro=https%3A//googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html%3Ffsb%3D1&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1515576950&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d044bf06dd6cd2d0bc44db373bef31d5cf036bb33dafd35d7c75ca820d2d425c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Wed, 08 Nov 2023 20:39:57 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame ED9D 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 17:46:15 GMT

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame BD28 10 KB
4 KB 30ms
30ms Script
text/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4389191&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-6676241418785266%26fa%3D1%26ifi%3D3%26uci%3Da%213%26xpc%3DGS8TsXTkFX%26p%3Dhttps%253A//fileforum.com&ro=https%3A//googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html%3Ffsb%3D1&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7299178361292325222&kid=5609187&kw=PACS%5F4787112%5F17068014&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4389191&gdpr=0&gdpr_consent=&ts=7299178365571632138&kid=5609187&keyword=PACS_4787112_17068014&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 647dfc5e3595ce089fb8f85e52b9d461d82b4c3329e58e65f5b464aee252f0c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 20:39:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html Show response
imagesrv.adition.com/banners/268/01/03/c1/27/ Frame C7D5 3 KB
1 KB 29ms
28ms Document
text/html 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: fileforum.com
URL: https://fileforum.com/profile/limittoad8/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 1cf56f2b1e386417e5b424806ea2c2c51e4625f7b59cd84555b4467164b3228c

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 1106
content-type: text/html
date: Wed, 08 Nov 2023 19:39:57 GMT
etag: "3565472575-br"
last-modified: Thu, 01 Jun 2023 08:55:15 GMT
vary: Accept-Encoding

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame BD28 2 KB
667 B 34ms
34ms Script
text/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7299178365571632138&btr=true&pos=top-right&cid=558342&aid=558342
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4628ca1abf06698cf554b814ebc10c99f3211ee67e4d4f6337b75168b4fd530e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
content-encoding: br
content-length: 607
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame BD28 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf48fc9ce7e98d18205909b7a03ee18697200532239cf9eb37503f72b1ceca02

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame C7D5 753 B
407 B 29ms
28ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:57 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame C7D5 236 KB
63 KB 201ms
77ms Script
text/javascript 2a02:26f0:e600::687c:b20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:e600::687c:b20 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:57 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 08 Nov 2023 19:54:57 GMT

GET
H2 200 Mueller_Parfuemerie_emotion_728x90_x_210928_sm.js Show response
imagesrv.adition.com/banners/268/01/03/c1/27/ Frame C7D5 30 KB
8 KB 29ms
29ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.js?1656407911088
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dd0b46d5b79ef40b86c04d942558894f745a78c14c68a69cf35f92f4eef67ae5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:57 GMT
content-encoding: br
last-modified: Fri, 22 Jul 2022 09:08:23 GMT
etag: "2171462209-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8564

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame BD28 20 KB
6 KB 77ms
76ms Script
text/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7299178365571632138&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7299178365571632138&btr=true&pos=top-right&cid=558342&aid=558342
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 48b3106c8ae345b5296203c10a13f543a83d8aeff1afef883be2976a31684bde

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
content-encoding: br
content-length: 6040
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED9D 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzM3iDORLZdrpMqKP9u8Ptd-ZsA0AAAAAOAHgBAI&bg=!KCulK2TNAAb4oU7C2KE7ADQBe5WfOGr7mW_BmSbZPhrlX2jbusrYJGN-UFp_1JcgzEU51gDqiSLkkG5eF6l08RMQqcU6AgAAAJNSAAAAB2gBBwoAXkdzqStatKb7OLeyH4HrXqi9KPvtPK86SpE72MLxrcY5SeBBe2iWk7SLAM-MpHD6FztDuZqcerAa37paTUCmot3L8thQpGtveQZaOTJJy2Quk2xDA_69R1TkBQUmc9eZAxCtnkkdkFnAwbXwFsF7trfAFqiU5ct8QOkBY2XcFCDBbJGoyFrtaS89QxNrQ_gT8ioEdFoDy5pBlpZLSlgiDU-AHn_rR_jiNA2jQJmDeL9qIoHfK8t4b7miUfF5G8HTudFPaSVyMcP_CCt1cn749D0mQ0Bp5mu5SZmA6LKNCZKBMpP4YeMSc3EquLqKdI9iOQ-JpMwl-_lIIY9rKO1caGep_DfU8k5LgXr-BYb7ylE1cRY-KXHofvgYWTxFfALU9-SWyWT16pn3Jbi_6PH10WaTH5mFL9Fb7LX_Bg531ivVZJKhtzo1EXHt5mfmN8VpnUf874TnIjrFOS_fbbp9TOJ6Trv1XFwaPicvzvSJR5lusC9Oy6gicckYFgX_pHmsPg9Mjh5mTvKyROYwKWu3C3M7PlPLYaswnTHwZt9FtVumehxCimpKtNpIJGycglW0WPlPvIIMXx0J7p5veUgmDt247SZ6rE8bSTrJGnbemnZRCiFPE-R0fqErBywukzc4pz4skgfUoguPYWkF_1HBop8WMhWKpcNV70ga8_dWJOGNKrBwVT1X55Vt3eECpuynaxfgQz1Q2SEx77cdxCF1eHgeLdCM4P9Tx9kcsUwelP-Lky3dpqlG67Bf24zu0VmY1s16r8N0amrsa0596VuZbB0Lz2CYcP2q_t_a498mq6bsMJbSLFJUmUn-5Ar79AXyYhY9AW7y6y5pYzC36jvmkx_L7Rgt7SeBRuQrhq0pRp4FwKplG4wmND9p1lrK9WQaRdS6N6z0V8oI19ncsV-MYIzL_eGfp3mbfS0Slqe4cM1jCptq8f7CXd7BBpkIOkjHZsAlrMBJdl88XEQ0xnPtQbh9xtTAfThNqxaqfGdCF05LGjgflr7NyqRPnkglxCl7OJkYZwtl3BWN9Rn7I3YWzfyBPDmeqkt7et5SHl-bE28o8QKjSERXCjdWXD-WpXbzUCxK3OPaSlHc0SkJ-lC3Z606EdWJsiNGUanclbKgbQ66LB_g9vkuGZuIQRfXwlEINlFRFCtipU0mkKnqYxvHDgSv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=1270744657566567&bg=!AwClAE_NAAb4oU7C2KE7ADQBe5WfOOCtrneWZ1s3EiJZNJDMd0JpraQ5itC6YAMMMGfQT93kQ6xPt5EnW-X7jkTJSfqsAgAAAE5SAAAABGgBBwoAd1Meg_wq4a_BITlJVzKNAXWkktdLmndS8X-vYRpSvznKNRtxKUzsCinm3RHfOhlmGHFxAMFVPr8d3AMwO_vodXSuvNbOfCOlQbX9we9sMEoDHyLKLF_UHOXMoRnKCbVp_sJOmUwG8gIgPKN3QVGcBwjuFGYhMErdmQLDfQ4mMOU1X5EHcsDYsGhZS_V7-upwAZEeVaBJxPnHOUjOf1hRyDs7-JLcqlgwWxY__Kari3MZCCfwBc1OfqAagV2AnB29IKKwrjn8itv1LtAsPoTq0mJOoebNEKtGgvpj4tR13n5ZsF_bok1kZ7IJyAS7zcj58dTgBAFvhbNlOqvYUdTRtRGavaorxJP2JKcSPEHmPzRHLuXmb0f2t5P5X29BnckN5Mc51Ol6W2qoAKkJmLLygOjS-yDOIA8VY465MUtJ_bVTsofCyfUZkQU8CsMsG8Q93nRdmFRcTrMUHdu5IeiGiPyoXbJHeSqehpNs1l_hpmoR9ErpC_iX0Ym_XV9nOgVJhP1usHGHiPA8xLfvzwhRnCtKw5M0mMKCvtb1sy7bHLmzvWTrbSuGguvr_PBS9wjVg4Jm2EtrBg3YzekFi_fmPw4gAsUH_oIlknWZ_1fH3ofOh2j8uiQ6EAwBwmIl08Scq95EKkVWVJj9j0aE8_weyc-Gk-5GjM5hS7DC0VVrWemtUrWDo9unoe6L_7Qh7DO63y6MhEb7qB-XNhaGD5Vz886hcsn-FJiXRy4oJ2uAfkxwXpMLEJsZ9BQWEwZ466Rmg8FW1b4-euVTMkWyO-ztuf--yyxQI7czYPPMUkKBjNqrKaZxSoH9n-GwexuM3QfMiziLatL6WYppb5KhrZpWRKomRqhw9GSV0uiCwA0bqtOvnXpxSrU2K_FUQ6b2gUuI-IIhOVDVJr-LrniLbOOmyP-7qZCsph1RMbIuS5-2ynQLYaJ6DFeGud1sWQevYv14ahhJnWt4gt_vc3ok4cSO5zR_4C-rKHaToK_4ug5HS9pCkqZV1TS2hM_syfAgTTlVtUc2SND2lzyWmcXrieCKNKcvdr4mxNEpTTRuRVTqxb5U3eix94wCTH4OKXV7NM_SQoSK20jdtmwcHRNZwSU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fileforum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame BD28 3 KB
1006 B 28ms
28ms Stylesheet
text/css 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7299178365571632138&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:39:57 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H2 200 oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame BD28 3 KB
3 KB 28ms
28ms Image
image/png 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges: bytes
etag: "502461915"
content-length: 3262
content-type: image/png

GET
H2 200 bg_728_1.jpg
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 3 KB
4 KB 28ms
28ms Image
image/jpeg 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/images/bg_728_1.jpg?1656407911061
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: d3aa9f9a05e24ce6cbcbb5942e65533ddd7eebeee930d0066e57ab3d03d9fb4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
last-modified: Thu, 07 Oct 2021 16:36:15 GMT
accept-ranges: bytes
etag: "1057797892"
content-length: 3505
content-type: image/jpeg

GET
H2 200 bg_728_2.jpg
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 5 KB
5 KB 29ms
28ms Image
image/jpeg 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/images/bg_728_2.jpg?1656407911061
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 722e3ea66c971551f17e8a246a066e6246832107da139f9b82cc9c2b63946af5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
last-modified: Thu, 07 Oct 2021 16:36:15 GMT
accept-ranges: bytes
etag: "3615159036"
content-length: 5245
content-type: image/jpeg

GET
H2 200 bg_728_3.jpg
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 6 KB
6 KB 29ms
29ms Image
image/jpeg 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/images/bg_728_3.jpg?1656407911061
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7b5738605cd2cd3b8f1b8722625473f7376cdf907fe9b79f32c00ea096bf3320

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
last-modified: Thu, 07 Oct 2021 16:36:15 GMT
accept-ranges: bytes
etag: "2582755041"
content-length: 6444
content-type: image/jpeg

GET
H2 200 logo_img.png
imagesrv.adition.com/banners/268/01/03/c1/27/images/ Frame C7D5 4 KB
4 KB 32ms
31ms Image
image/png 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/03/c1/27/images/logo_img.png?1656407911061
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 1102de7853348ed8ff7c6bafa7b5aa738e3e4d79957769e0b2e9f76086280e5d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/03/c1/27/Mueller_Parfuemerie_emotion_728x90_x_210928_sm.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3oAUDORLZZe%5FCM%2DU7OsPk6i%2D6AHJgf%5F6c%5FH%5FnLKYEpfPor3AARABINnfigNg9ZXOgeAEoAH4k9q5AsgBCakCxoNSVbb2sT6oAwHIA5sEqgSSAk%5FQfZsvQYywWOo3OA3pYhEGSkjUnvsUhRkLduUXbzV6pd%2Dg8b4nxXYulQFkEnMvKciQMHh07qum1KYG56%2DCFNFIx0QzLrUbCFFgFfvipEnHmcPDnKfG%2Dt%2DxrViw1HBUCQHO6iBYkN%5FHFl9pUWOlxym1Be0jMwWUf%5F4I1iNu9SsYpmz7fSd4JxRbjVgRvkfyS5xnqeYCEDgHha%5F1OZHyM7reQvtLfyzd7WPOOLt34fwiecxChsgZsO4r%5FWnc9E5ybFF0HJOkCRRwlQ5wlsBC9WSmUv%2D5z8utJAkPraCThsn8Lk5D1CTEVdFXyc7GaXN927UcumDyp4o2IPGluI0FAQS486QbNtx0xRiPrNYZgu1wbEDABMvGp4%5FDBOAEA4gFno2Ag02QBgGgBk2AB%5FDrpcYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIFAiAYRABGB8yAooCOgKAQEi9%5FcE6gAoBmAsByAsBgAwBqg0CQ0iwE53orhXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNBKGP%5FwG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax%2D1TFfwC399LD24qs%5FHkjeuQbbp1%5FphHH7T8VBgB%26sig%3DAOD64%5F20ulvxJADJfFcytA5Dz6gfxLRTew%26client%3Dca%2Dpub%2D6676241418785266%26dbm%5Fc%3DAKAmf%2DD6OUZ%2DEyPXF9%5Fwq5AGgwZYw0vHyQjfFGATdgXQldUZrJYlnqb95cLbyzcnTQ4m4oSsnvjUqJktQvsRh6pPeJGzq6c9POeeSwJCnm5FmVDUlwxRS1c6DxjZdBGXW2NMI1%5FewvxYsx38B%5FBguuZwUHQrRHvFVDRnZ0aTKbFM5DUDlXnvdd8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAml8PKNbgXV4nlbIsp3s54MK348SzTwNZcEse6nhfjmobuDH52T2JVXiwmdDCVxvAz%2Dy1%5FzM%2DaOgeuHkLb3LPZ6WCazcwtf%5FastgjPWMJ4JNHHgwDArI5AfgN%5FrtFSAeSO%5F0bU6TinhDLvZhsuDano0gt9LHxTpx5ES1LzAMP9DUwHsXyJWwiI1rAc7Y78LBa%5Frk4mQdpTqBaEN%2DlCMO4wx9Gc79FkXeKXpgH6WLyV9FXSdwx%5F7bo%5FzxX7QLtWfTpd%5Fdyvjl4PsJjEbuJwHs8TxdXoltpWXOsApgbMzEgDSy%2Da0oj%2DKmJLCf2yvhuyREwfsaM5haKfK2dx1DQX572fngq0GIzPlPQqHAvh9nSGuAvi6zhraBxbHX5r8J5DjSOd9p5hIViP9gSI0CC89EiFk63AntoOsym3i8IMI6Var2cnNz7n4VQnBQTC0PjYsj0aLrDERvGpRxVprcEu%2DvvPBqKyp3RfCsPs98kHj%2DcjQ6A5IOzX0kHDQCcVhbA1r5HfQl3o4qyPkY5LIpEMQUU8m4lm0IAicfb3Zxx8c3qjEnPjp%2DMGDYBjAeLSj8XFzUAeaXUP%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7299178365571632138%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4787112%2526kid%253D5626024%2526bid%253D17068014%2526c%253D53900%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7299178365578840845%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7299178361292325222%2526sid%253D4389191%2526kid%253D5609187%2526bid%253D17023271%2526c%253D38706%2526keyword%253DPACS%25255F4787112%25255F17068014%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Nov 2023 19:39:57 GMT
last-modified: Wed, 22 Sep 2021 09:26:17 GMT
accept-ranges: bytes
etag: "1122105155"
content-length: 4110
content-type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD28 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOq2H5cZJwyKHlirjq569nKgiBQdoMQ2AtxA-VJgl_hwdi2NjaLYIjghfQ92K9rJlXNTv1_xHRtiThsXVeCAdjfWH2cnGrYtSV164ioDQstzj9dgrkBLGx1Y9MgeBURXX6o1ZsObhmHw&sai=AMfl-YRwFiSt1nAo6aBEdWQb9P1_qzS9XwjGOfjq5zXkM_RFDxV53USlVcD3HSwsv7f_CfSsMqvoJwHZK3HyNK5mRmbHEkfWpmu8hYJS6nBsYoDMJG92Eqlsar7X0x6WQZAMGG8TSAmA5Es5tLZlq0Ou&sig=Cg0ArKJSzE9oZGEbOrtKEAE&cid=CAQSTgDICaaNBKGP_wG6j9mAv48CPbazAzOoRUl8xHkNmQs6O4qF6k4THHcY6PShSaVbNLmax-1TFfwC399LD24qs_HkjeuQbbp1_phHH7T8VBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=681,1000,1000,1000,1000&tos=681,319,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699472396701&rpt=637&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD28 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5435903913288&version=m202309260101&ct=77&x=1&cor=10160303466892430000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 19:39:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fileforum.com/	1969-12-31 23:59:59	Name: sixsession Value: knocmgvedl3jq6ffd0qc0v9goo3q6fmd
.fileforum.com/	1970-01-21 01:40:32	Name: _ga Value: GA1.1.1235627937.1699472396
.fileforum.com/	1970-01-21 01:26:08	Name: __gads Value: ID=3260258c659d8ef1:T=1699472396:RT=1699472396:S=ALNI_MY5TV_QeaXWMr9JHRJYktC6jKCiBw
.fileforum.com/	1970-01-21 01:26:08	Name: __gpi Value: UID=00000ccc4264f923:T=1699472396:RT=1699472396:S=ALNI_Mbaj5vEgfL77sBJ50Dop3wmZ79JpQ
.doubleclick.net/	1970-01-21 01:40:32	Name: IDE Value: AHWqTUkOpbZ2lYFw7e5X2ViRWVO3KKZehDKIlewnguNQn3qmfhMNwbZf62B0P4sp
.adfarm1.adition.com/	1970-01-20 18:14:08	Name: UserID1 Value: 7299178361292325222
.casalemedia.com/	1970-01-21 00:50:08	Name: CMID Value: ZUvkDEBw7gdwwHj3HqBRZwAA
.casalemedia.com/	1970-01-20 18:14:08	Name: CMPS Value: 5267
.casalemedia.com/	1970-01-20 18:14:08	Name: CMPRO Value: 5267
.adfarm1.adition.com/	1970-01-20 16:04:34	Name: lv_5626024 Value: w=4787112\|t=1699472397
.doubleclick.net/	1970-01-20 16:47:44	Name: ar_debug Value: 1
.adfarm1.adition.com/	1970-01-20 16:04:34	Name: lv_5609187 Value: w=4389191\|t=1699472396
.fileforum.com/	1970-01-21 01:40:32	Name: _ga_H9SLV28721 Value: GS1.1.1699472395.1.0.1699472397.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
fileforum.com
googleads.g.doubleclick.net
images.betanews.com
imagesrv.adition.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gravatar.com
104.18.36.155
108.44.238.29
142.250.185.194
142.250.185.70
2001:4860:4802:34::36
217.79.188.10
217.79.188.21
217.79.188.46
2606:4700:20::ac43:4a9a
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:26f0:e600::687c:b20
2a04:fa87:fffe::c000:4902
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
06f1ec52dea17ff1c6bed231b53938e5200586e1b37c6707f453b115454da806
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1102de7853348ed8ff7c6bafa7b5aa738e3e4d79957769e0b2e9f76086280e5d
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
160d317860d283845ddde93faa4a3c41f42f0e777acb74dba3a716555c89610f
166a209acbde6e54cdb515c7ca4fb7dc67a1c54e725e3b45a17df3c03b73d8df
1cf56f2b1e386417e5b424806ea2c2c51e4625f7b59cd84555b4467164b3228c
2b903bf843c553f3bca4f1fe7fa9fbaa3198f4276fd07f509239543963223997
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f69f77c0a1f23a7910ac5a348efac89fa905db86751fe119111ecf49bb30be9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34de0b876686b5e0e70169241a272564f2813e26def4572b91e79af258ad3d89
3a8f59aaec3baa11914a42d01b1513778de352d807ced7c5a7296f21b97e1848
3b4cdcf6af9ce83815c1833e7e92d9931d0ff301d8ee18e674174bb287c160dc
3ddef050c86e4649d6dd4c738fa529f2a5ab14d07e16f50fa5ffecce6510f35b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4628ca1abf06698cf554b814ebc10c99f3211ee67e4d4f6337b75168b4fd530e
48b3106c8ae345b5296203c10a13f543a83d8aeff1afef883be2976a31684bde
529ce545d0f689295a76134ae7f6add7b8b78904a15b6bef1a5a6bd0cb47b281
54b646173856c05ad595598fcfee96dc54495c2f9a30ea1c55515b64789d2803
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5916e0b240cb97c609bce4253569ab210ddd5f3569b61d2c6ed8efe310844dc8
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
605ff8b94000a08f220e5bf9c4994d3bea1baacd49ad805252a4face2d004287
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
62c8cbe4f09297e5258b5e791dcec63a896556b0835f68474b3031ea1062e655
647dfc5e3595ce089fb8f85e52b9d461d82b4c3329e58e65f5b464aee252f0c6
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7087b3afc70c0f1a640c5327239e94a508b7a7751800b3952edf804a3837a2e8
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
71a2933a8805045e2305cbd2824ab3bcc1a371f1e6d111645ce14cd7c7c5bf7a
722e3ea66c971551f17e8a246a066e6246832107da139f9b82cc9c2b63946af5
7b5738605cd2cd3b8f1b8722625473f7376cdf907fe9b79f32c00ea096bf3320
87391d2ee51716bf33aed0b2b515033866a6ab16ddf3712dfbc82c6e6572b30c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf53f2156589ab61d24698ecf925bbdbf2fccb615b69cacdc290938305349a43
c87e6cfa96f6c410884a070a7522dc93004151c48636dd9e385b755892898729
c8b09c6bbbc315b2605f546f3738f4100237418285d218ca3f07dbd35182d8d0
cce5bec418d49e66720b68cb29ade9f49a4c36001f59161ffbc313c4a934d1ac
cf48fc9ce7e98d18205909b7a03ee18697200532239cf9eb37503f72b1ceca02
d044bf06dd6cd2d0bc44db373bef31d5cf036bb33dafd35d7c75ca820d2d425c
d3aa9f9a05e24ce6cbcbb5942e65533ddd7eebeee930d0066e57ab3d03d9fb4e
d7c94053a53a49905f28e73feb467bb8404863df6209d1ed3481bcbad273f87f
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dd0b46d5b79ef40b86c04d942558894f745a78c14c68a69cf35f92f4eef67ae5
deda914cce5fb739ca5624e64be7af22f3a426623b3bf174429287d2376dfc4b
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed80ffdd5f0f687b2c5deb49162d1c19e2ba9fcba5f130bffd0f0853a759d04c
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f061bc61c6a752564bba70c0675de98f06d26b6fe0655c2189fba606539accab
fe00f6a25703ead073b6b2ce1a56c07fb5dcb6da14aa2c73a06dce0ffb90b9ab

fileforum.com Open in urlscan Pro 108.44.238.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

61 %IPv6

13 Domains

18 Subdomains

19 IPs

4 Countries

841 kBTransfer

2322 kBSize

13 Cookies

6 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fileforum.com Open in urlscan Pro
108.44.238.29 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

61 %
IPv6

13
Domains

18
Subdomains

19
IPs

4
Countries

841 kB
Transfer

2322 kB
Size

13
Cookies

70 HTTP transactions
1 data transactions