fastshare.live Open in urlscan Pro
2606:4700:20::681a:977 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fastshare.live/
Effective URL:
https://fastshare.live/
Submission: On January 18 via manual (January 18th 2024, 11:26:34 am UTC) from SK — Scanned from DE

Summary HTTP 85 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 10 domains to perform 85 HTTP transactions. The main IP is 2606:4700:20::681a:977, located in United States and belongs to CLOUDFLARENET, US. The main domain is fastshare.live.
TLS certificate: Issued by GTS CA 1P5 on November 25th 2023. Valid for: 3 months.

This is the only time fastshare.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:20:... 2606:4700:20::681a:977	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:c400:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	75.2.86.129 75.2.86.129	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	3.127.87.183 3.127.87.183	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
16	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
85	17

20 2606:4700:20::681a:977 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fastshare.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:c400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.86.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.87.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-87-183.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	355 KB
20	fastshare.live 1 redirects fastshare.live	242 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	5 MB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	56 KB
6	gstatic.com fonts.gstatic.com	48 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
4	adscale.de js.adscale.de — Cisco Umbrella Rank: 6675 gaa.adscale.de — Cisco Umbrella Rank: 173559 ih.adscale.de — Cisco Umbrella Rank: 4137	11 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	66 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
85	10

	Domain	Requested by
20	fastshare.live	1 redirects fastshare.live
18	pagead2.googlesyndication.com	js.adscale.de pagead2.googlesyndication.com tpc.googlesyndication.com fastshare.live googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
16	s0.2mdn.net	fastshare.live s0.2mdn.net
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com fastshare.live googleads.g.doubleclick.net s0.2mdn.net
6	fonts.gstatic.com	fastshare.live
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	fastshare.live
2	js.adscale.de	fastshare.live js.adscale.de
1	ade.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	ih.adscale.de	js.adscale.de
1	gaa.adscale.de	js.adscale.de
85	16

This site contains links to these domains. Also see Links.

Domain
fastshare.cz
www1.fastshare.live
fastshare.cloud

Subject Issuer	Validity	Valid
fastshare.live GTS CA 1P5	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.adscale.de Amazon RSA 2048 M01	`2023-06-09` - `2024-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://fastshare.live/
Frame ID: 4A513B9FF94F7CB10B67AC20AF90DCD3
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2021102314463136
Frame ID: 4E9CB410196A08422BC57B6A61867887
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/zrt_lookup_fy2021.html
Frame ID: E90E7889BFB28D1ADD9BC0C2510472DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&adk=1812271804&adf=2373185777&lmt=1705577191&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Ffastshare.live%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190717&bpp=3&bdt=276&idt=334&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&nras=1&correlator=3346766877358&frm=23&ife=1&pv=2&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7rbzbhm8enzt&fsb=1&dtd=401
Frame ID: 46473DB7DF2D92035C0B2FE1B5A3227B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&h=280&slotname=8477927332&adk=496867508&adf=3279755397&pi=t.ma~as.8477927332&w=468&fwrn=3&fwrnh=100&lmt=1705577191&rafmt=1&format=468x280&url=https%3A%2F%2Ffastshare.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190720&bpp=2&bdt=279&idt=402&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3346766877358&frm=23&ife=1&pv=1&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=938&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pqvejpo78xbx&fsb=1&dtd=406
Frame ID: 1483DF25FCB17C2A79F999B2BDA25238
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19CC4F8ADB52260EF1BF3DB3C0B3D4F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A37A8B438192C5AB54CB08804DA8ACE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVjNRmg6chfKuqKLkUfoVApoRX52WLP_mZ0SJpW20BA_wPDlPcqMLXEWoKlgKDI9OmBMKvLTrZczi-t6IBqb9xoGNDkcUIpnf4owv2h8tWfZX8xv-d9Gpd652xzGpKPIoTV2mo0CwTuinc89RrzOHWOxOuVTuZ0-_Qwia9ZyrjztBu0alU
Frame ID: 8A2AE1450CFB3D8C45E4AF7B34C48CAC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7F3E0963C3C45BFF658DBF6F35D62DE9
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3DA6522855A5AE7FB09354B219A69C0C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Frame ID: 8922500DA45CBD96D57096AC37D56C47
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 6B5503874F67B24E8643FED89BED627D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FastShare.live

Page URL History Show full URLs

http://fastshare.live/ HTTP 301
https://fastshare.live/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

85
Requests

95 %
HTTPS

56 %
IPv6

10
Domains

16
Subdomains

17
IPs

2
Countries

5706 kB
Transfer

7247 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://fastshare.cz/cenik_cs
Title: Využijte časově omezené AKCE! Kupte si tříleté předplatné a stahujte neomezeně za 49 Kč měsíčně.

Search URL Search Domain Scan URL

URL: https://fastshare.cz/login
Title: Můj účet

Search URL Search Domain Scan URL

URL: https://www1.fastshare.live/nahrat
Title: Nahrát soubory

Search URL Search Domain Scan URL

URL: https://fastshare.cz/reg
Title: Registrace

Search URL Search Domain Scan URL

URL: https://fastshare.cloud/nahrat
Title: Nahrát soubory

Search URL Search Domain Scan URL

URL: https://www1.fastshare.live/manager
Title: Stáhnout manažer pro PC

Search URL Search Domain Scan URL

URL: https://www1.fastshare.live/kodi
Title: KODI plugin

Search URL Search Domain Scan URL

URL: https://www1.fastshare.live/android-app
Title: Android aplikace

Search URL Search Domain Scan URL

URL: https://www1.fastshare.live/synology-nas
Title: Synology NAS plugin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fastshare.live/ HTTP 301
https://fastshare.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakK5xe6zbhCnslxYjHDEAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKydUBtB83Bicb47puMizBg&google_cver=1

Request Chain 49

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3Mjg3NjU4NjQ5MzY2MTAzNQ%3D%3D

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fastshare.live/
Redirect Chain

http://fastshare.live/
https://fastshare.live/

162 KB
29 KB

187ms
101ms

Document
text/html

2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8990cc263d825c9d1265eb049d21f234a903de722666f0061eea283c9a0eac7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84767bbd4bbc6adf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 11:26:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RwqDF9sij4xEgrtp6r6%2FWZfKrbor62wWcWg71dM%2FiIa2x2Q%2B%2FyvovT9tPntRSFZDQ5Vtj2eyYQoeufBmyH6Q75EffuwpCwldgSFvlnuk2SfpBhIFaPt0B2zOQ%2Fu85YDGidp9l3Kd6SJZZrt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 84767bbc6d2771c1-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 18 Jan 2024 11:26:29 GMT
Expires: Thu, 18 Jan 2024 12:26:29 GMT
Location: https://fastshare.live/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agFqX6wKOe8HtDXMOnmnJpNyz%2BjPEAdpfJwOG0BaEUluaxSdeHWF5m2TTJ8GkU1UH57PvJY3zYNZe8j4TLQFHvAj%2B%2BRjJxCWT3JGb25jO690YH%2BRwsJBkUTfvdJwwXfBdtdKnaGAlnEnrBQP"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery-1.11.3.min.js Show response
fastshare.live/js/ 94 KB
34 KB 107ms
107ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery-1.11.3.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 07 Oct 2015 12:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"176d5-521832a05aa40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfsorBpS5P%2BV2aS5q2VK%2BjDkaBHeIM7sA4JpDCSNgsyKCsR09WIp%2BK53JJ7JGND1B%2B0kEFXdOjyjNpI4ZcOy0EFbEqJrGCzt8uvC1hCBlgcsoTraD47QRR%2BCBBu%2BvZHBAEGW%2Feh8jUBWoyal"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbe2cab6adf-FRA

GET
H2 200 jquery-ui.min.js Show response
fastshare.live/js/ 235 KB
64 KB 122ms
121ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery-ui.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 07 Oct 2015 12:48:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3ab2b-521832a51f580-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3ALoANbiX5HvdqwuSao7AmiBoNnaZ0FA87Is0Wj%2FBmIMOqRFYj3cUi9Ol5K3EYn4z9TrW63RSq2xGirKtDhG0V8NTKaVjdSOu52D8iJRWAgUJX1bdNoVHTUMYV6KNsQbK6h5Ta6zvQD0i1a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbe2cb16adf-FRA

GET
H2 200 easyResponsiveTabs.js Show response
fastshare.live/js/ 9 KB
2 KB 84ms
83ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/easyResponsiveTabs.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e430bd1c5cc3d579824822786e7605d36ac37a8b44f8b99480b00cb045917de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 28 May 2014 08:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"222d-4fa71484b8580-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BqcKUrNo6r60gWVxTw3wn6SuhPaaHuSj87phQ4NfpxvVNujt4%2FUtmJiIx8A68xLkkRusuEIgCWubBLPelqRGz5s%2FBOSQK9ATx897ZQHUEuARzA4fmmhGCFzGf5yqz%2F6vhu%2FZvcVh6%2FN1E2U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbe2cb26adf-FRA

GET
H2 200 jquery.countdown.min.js Show response
fastshare.live/js/ 5 KB
3 KB 83ms
82ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.countdown.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 25 Nov 2016 16:06:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14db-542224f669f00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Vzlg3t9RM5y8Zwm93gti4irKq3UIumqvXEqV72%2B6%2FZkuiQUsiJV4Gru5H5BXFjRvLULSDQBiaDbTB3Ehbt5kji4xUzayigx1ENgSHedYCXp2qVCbLsdF09RPj5NXvPfZsEXzYd7QzQaJcWT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbe2cb36adf-FRA

GET
H2 200 fs-logo-live-2023.jpg
fastshare.live/images/ 5 KB
6 KB 86ms
85ms Image
image/jpeg 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/fs-logo-live-2023.jpg
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae82507852468a5d918f7be47840b1b507f09e3f7664c8af9f338b804b44f99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Mon, 03 Apr 2023 11:10:56 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "15b0-5f86c9ce59000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoyZsUMhnha131ISOOTotvmFqv0GFpP1nFuayEaW%2BtAoVpr20inf%2FhFBeytHfU2%2Fg0SPIX6BABebTRMJMCo13mCGQqfMR6SkYqE2EqW%2B%2FsyBNS0QfUxjnR6bqhasEa%2B6bdXgquE2RSeieoAV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbf3dcb6adf-FRA
content-length: 5552

GET
H2 200 getads.js Show response
js.adscale.de/ 15 KB
5 KB 181ms
39ms Script
application/javascript 2600:9000:223f:c400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2655d8437f05395e15a73021d97052e72c60130fd2f3792152e018a77bdff31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: iEKEhuuBbDLtKaiTu5FuDpyhJcw6LTOz
content-encoding: br
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 10:03:49 GMT
last-modified: Thu, 18 Jan 2024 08:03:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 4962
x-amz-server-side-encryption: AES256
etag: W/"25d92417a3951bf4377f4882c346679d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: bYQNXEybRAKHhqp4UNgTgq6pzN-YNKxuADM0rO5IVyTeiEV0EjLgLw==

GET
H2 200 flag1.jpg
fastshare.live/images/ 2 KB
2 KB 88ms
88ms Image
image/jpeg 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/flag1.jpg
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35df8a00a21530ec3f17faeb3feb03b4e11c4630396c452bb98dbc9bee18c49d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 09 Jan 2015 15:02:24 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "70d-50c3971b66000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BnCXlSh3QdsEUZCizmFYBNVvBD9OyEgfrA3ADCGwIZbA9vIbaPfumBqneL9k2sCXy6r6vmIeCsWWZ%2BCZhfj8adDzDPBiRNX5PDAopVfTyARa5aDHg%2FBb6RBVl9sBvgOKsp83C0J9p%2FLMBFo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbe2cb46adf-FRA
content-length: 1805

GET
H2 200 flag2.jpg
fastshare.live/images/ 2 KB
2 KB 116ms
115ms Image
image/jpeg 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/flag2.jpg
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b78592a8e7100d6bb7b7f20dc817ba91ebd2f49eff1c74ae006234e96e08d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 09 Jan 2015 15:02:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "6e4-50c3971c5a240"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G70iQ6H9cyZhjl6R77N%2BaXNeHEcTGTl%2FcuE1L8I26FrpnKobdbuAeVmHBPYuAMgdwaYeWJ1uWdDkI5qLVOuPyDAJNv8cNaSmNlsI7f9nmWd51p2PgNHp4%2FFUavx3OEP%2FNi3MyQ%2Fiv59tkWQJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbebd446adf-FRA
content-length: 1764

GET
H2 200 flag3.jpg
fastshare.live/images/ 1 KB
2 KB 86ms
84ms Image
image/jpeg 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/flag3.jpg
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0219fdb4463f49218ca9a44689a21059f46a878eaed0e7a3fdb32c3bec0979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 09 Jan 2015 15:02:26 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "5e2-50c3971d4e480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQsouRT61jPbkWNq2gPcDVy%2B88gLDqlCWCvfltDu%2BA6jVQvdVBjyRTpm5cLOItCTO1BFVq8hMZZvxezJxc%2F977koLdqKScey3lvbmyoH%2B7PJ5hfzXvb7EEHOAKV1A22OrQW86bJi9KLdippj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbf2dbf6adf-FRA
content-length: 1506

GET
H2 200 flag4.jpg
fastshare.live/images/ 2 KB
2 KB 85ms
83ms Image
image/jpeg 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/flag4.jpg
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db35b4615427cc2501bc635c9eb975793d822edb447a9307726c9a1bd816ffdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 09 Jan 2015 15:02:26 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "7fb-50c3971d4e480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQFZg%2B%2BK525c63Lux90fA1zOoCcgeLuN3Pc2F9P3UMAKREbX1q6w1PUJLnJNv6CLsGBNKvmG1%2B5F83ss%2FGTHiK84WDKMia0%2FCoNHv%2FQzt%2B1HYqOzzWeonMei8JgxANjuZ4mJ3GbNpc0NaXpt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbf2dc16adf-FRA
content-length: 2043

GET
H2 200 jquery.smartbanner.js Show response
fastshare.live/js/ 16 KB
5 KB 88ms
86ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.smartbanner.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2be2da464f8c287bcde8d46a24c1c6bb2139ecbf17dbe339c26ba76a5c9c0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 21 Apr 2017 09:49:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3e2a-54daa2e1d3b40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0M0Lh9j2SQbHbcgZ6%2FxjhV%2BcaqQS4k1QNcyKzwuSSJ5Kno0IOwSp898lziwW1VDYokJrtBD3rJIHRfirxvkoEU2JOSjeMtlcrUSpagA54flyAO8YtHhxmCGGdMZQRNWvTlPEwPfc7JXkWrw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbf2dc36adf-FRA

GET
H2 200 scriptsellMenu.js Show response
fastshare.live/js/ 7 KB
2 KB 86ms
85ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/scriptsellMenu.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39a0175c3d0e75062d1c7e9bda482515e7f25a9a63363de116f416afe821526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 20 Dec 2014 13:24:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d48-50aa5bd380500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zni4mQejvo8UYWsjeiEQEsHR5a4fRXZtBb40HDvsifhwBDHaqtkF3Znan2PJUQaakqb5rSpbxRF7pqu2Suvc3SeOCGG3F5xSNH7Cyjjl9lxHmzX6hSCrxQUzod5KmUFALeqZ0TOAimOtFFBv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbf3dc46adf-FRA

GET
H2 200 jquery.cycle.all.js Show response
fastshare.live/js/ 51 KB
14 KB 94ms
93ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.cycle.all.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b44d975e1e1f0664d0fb8ab5b2918d08e9497324a021aa93de5894cdb586d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 14 Jul 2013 13:55:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"cb3b-4e1791a37ce80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC4IMsLxf19vak%2FaXqCekNo%2BzI%2FMrtIq%2BKTIV%2BXuw5Hi%2BirEl3a2ItS82MrgdXy45npxysiOPMh85pn4tBzslG3UpzFDdzzqUZjwPrZiybbAk50Sf4gBH7u%2FFVkWY7QJu9yzqkuI1eKlxCeQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbf3dc56adf-FRA

GET
H2 200 jquery.validate.min.js Show response
fastshare.live/js/ 41 KB
12 KB 90ms
89ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/jquery.validate.min.js
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3412094a8e56da93c6910b03d47b63d0c4b793cd364e7f23a43020198568701a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 21 Jan 2015 14:32:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a383-50d2a6bec7780-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbKMwIRLeq4qUOYF4Zj3xYy41IBSWesudsTyy82Tn0ttFmg2ZYuR%2BBbUeuyP8P%2B6jdE%2F7tHI8GhPx2Uf1bSpXEguk3cG522DdiQhM5qqmt8dL%2B%2FWqWJSYoKLGFgM3n5L19Y2lvTRamZLfOpi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbf3dc76adf-FRA

GET
H2 200 func.js Show response
fastshare.live/js/ 2 KB
928 B 105ms
104ms Script
application/javascript 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/js/func.js?
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e899c9499a4aca16b1687b5f40517cdc2f5b5ab8b066b28f7b7e4aacd21371e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 12 Mar 2019 12:34:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8a2-583e4e9a155c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhppUG%2FgGOUmhckLc5ixzznpxGLpszJd2vAtBl4Mr1epF5w2IV06KdA5gaQO9YGzX33gFpTiKfaq8siFx%2BGcWjwjONlar6ykvPCbzHFSqK0pjTWE8DKRvAIsD%2Bwv8GLrF8RJLk%2FkK0lKyeTC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84767bbf3dc96adf-FRA

GET
H2 200 rocket.png
fastshare.live/images/ 2 KB
3 KB 83ms
82ms Image
image/png 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/rocket.png
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ea6a16fc73acfa3331a7accf7441177cca1e4f7ad9691d6dc3cc9a1625d8b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Oct 2021 19:13:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8f2-5cee1b16987c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0ihOGm%2FWg241RS6G2hEZZ3wwDo%2FQWqVPcxsZbuYUb4Uz8vGggAWJAaNntxvy%2FdFZiBwDqghTS2X4VqmssGg50IezkzmXkw2O7pH%2FFM9n60KsISQDHPy3%2F1iNCzqxag4MJw463rtEscVBKZ%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbf3dcc6adf-FRA
content-length: 2290

GET
H2 200 search_icon.png
fastshare.live/images/ 2 KB
2 KB 82ms
81ms Image
image/png 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/search_icon.png
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ed36414b9a251e892299c1bcd854431aaf2d5e4eb6543f4325d60abd30ba85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Jan 2015 15:02:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6f2-50c3972307200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNVOHgQLp%2F3zkc0DwPBUMEbe%2BZLa9Zl5fHoduGFHcTqaeuA05PYpQm%2BFZdlcw9TO%2B7gGQYD445T2bBYKXArf6Cnk49aXCwQ0lx30Ibw0KCjUSFZZaDgKQOYkYQ3ZJ%2FlB4GG9xpmznO0Iqbqx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbf3dcd6adf-FRA
content-length: 1778

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 139ms
53ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 08:00:09 GMT
x-content-type-options: nosniff
age: 98781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8916
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 08:00:09 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 126ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:32:50 GMT
x-content-type-options: nosniff
age: 50020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8892
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 21:32:50 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 171ms
86ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:22:08 GMT
x-content-type-options: nosniff
age: 119062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8800
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:22:08 GMT

GET
H2 200 fontawesome-webfont.woff2
fastshare.live/fonts/ 55 KB
56 KB 112ms
111ms Font
font/woff2 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastshare.live/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Jan 2015 12:52:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ddcc-50d3d2535c400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BgAKO9aAnX8NXqMgLCM0Ob84deeUfk2FFDfnRCP74lt0qTHmD%2BzpTZJdd2ZCDGLGBtU24eF7jEdjgCU2b6sYTi05d1NGMdJqm97wF8ebt9FE61kMXNg7%2FHz6qyq11oDYpBAyIgKFiVM2KwM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbf6e096adf-FRA
content-length: 56780

GET
H2 200 mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v15/ 7 KB
7 KB 176ms
93ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 22:55:02 GMT
x-content-type-options: nosniff
age: 217888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7176
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 22:55:02 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ 7 KB
7 KB 161ms
80ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhpKKSTj5PW.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb940b87ed9001f6562d79e7121997ea213f0fb27073348dcf30c51285d7c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 10:54:55 GMT
x-content-type-options: nosniff
age: 88295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7240
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 10:54:55 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ 7 KB
7 KB 110ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59ad4aa0ce622dfa0ec74844ee996f7a1ef879dca71d4c8513a5ed51b7063fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 05:27:30 GMT
x-content-type-options: nosniff
age: 194340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7084
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 05:27:30 GMT

GET
H2 200 impr Show response
gaa.adscale.de/ 639 B
978 B 152ms
61ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=f57c7d06-f56a-40de-980d-1f34a677947e&nu=0&t=1705577190285&ssl=1&pos=above&ws=https%3A%2F%2Ffastshare.live%2F&uuid=50681ae0-566d-464d-83f3-0622cb15cfd3
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: 386e649df09dc83846fc2b641bed099467991ddc265cde3891519c3855817d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Thu, 18 Jan 2024 11:26:30 GMT
cache-control: no-cache
x-robots-tag: none
content-length: 639
content-type: text/javascript

GET
H2 200 ui-bg_flat_75_ffffff_40x100.png
fastshare.live/images/ui/ 178 B
530 B 83ms
83ms Image
image/png 2606:4700:20::681a:977
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastshare.live/images/ui/ui-bg_flat_75_ffffff_40x100.png
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:977 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 Oct 2012 18:49:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b2-4cb54559ebb40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO2yOjGcEarn7UAK5r%2B4zMI37CVnAR2K5kznem5fDkMw2UTQc5eKkDViwSmGm2VYo2GoJaBq7Wlvwd6TDJxFvj4X3XeBdPJov8aKkEdLgXTCsi9WslGwpQo6JL7vK7%2Br0RzG38T9NcfTFLGQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84767bbfee8c6adf-FRA
content-length: 178

GET
H2 200 userconnect.js Show response
js.adscale.de/ 11 KB
4 KB 40ms
40ms Script
application/javascript 2600:9000:223f:c400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b14b694672a147aa8f4831209101b3b16ecd4be00388cff5df414ebe7a3ea4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: t8pNE.dBf9JzmYoJiiE5V1cMfOlImzFe
content-encoding: br
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 10:03:49 GMT
last-modified: Thu, 18 Jan 2024 08:03:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 4962
x-amz-server-side-encryption: AES256
etag: W/"78b4b0cafb95265ca700a4b4609d0664"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, stale-while-revalidate=86400
x-amz-cf-id: aGgbq5C2FuPUfZ0B5p0AF3WZIIaGbeaWSvtQ_LZ546V15Tds6dP7IA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E9C 147 KB
51 KB 190ms
88ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2021102314463136

Requested by

Host: js.adscale.de
URL: https://js.adscale.de/getads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64e1561d010de035f2c60bb41815bcd5c3bd6d44bf9ee6218577d01a947b1540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Origin: https://fastshare.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51326
x-xss-protection: 0
server: cafe
etag: 3609526973247284224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:26:30 GMT

GET
H2 200 userconnect Show response
ih.adscale.de/ 0
56 B 133ms
39ms Script
application/javascript 3.127.87.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=ZTQ1NWE0MA%3D%3D&cbfn=stroeerCoreConnect&ts=1705577190482&umd=false&gdpr_err=CMP_CALL_FAILED&src=userconnect_js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.87.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-87-183.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-length: 0
content-type: application/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ Frame 4E9C 402 KB
136 KB 192ms
112ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2021102314463136&plah=fastshare.live

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2021102314463136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a69a710b9296b49407b8da9ec13bfc36150b8fe1784e90e5886a1aa80ab73aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139517
x-xss-protection: 0
server: cafe
etag: 5174887627579670580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:26:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/ Frame E90E 9 KB
4 KB 125ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240117/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2021102314463136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 17:48:46 GMT
etag: 9219409622527106327
expires: Wed, 31 Jan 2024 17:48:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4647 0
188 B 83ms
82ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&adk=1812271804&adf=2373185777&lmt=1705577191&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Ffastshare.live%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190717&bpp=3&bdt=276&idt=334&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&nras=1&correlator=3346766877358&frm=23&ife=1&pv=2&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7rbzbhm8enzt&fsb=1&dtd=401

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2021102314463136&plah=fastshare.live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 11:26:31 GMT
expires: Thu, 18 Jan 2024 11:26:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E9C 16 KB
12 KB 86ms
86ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240117&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

774dd73b1b56943b1097bc8d21be2323f72f1ff5bec592700b951084cc392169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12465
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1483 25 KB
11 KB 589ms
589ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&h=280&slotname=8477927332&adk=496867508&adf=3279755397&pi=t.ma~as.8477927332&w=468&fwrn=3&fwrnh=100&lmt=1705577191&rafmt=1&format=468x280&url=https%3A%2F%2Ffastshare.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190720&bpp=2&bdt=279&idt=402&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3346766877358&frm=23&ife=1&pv=1&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=938&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pqvejpo78xbx&fsb=1&dtd=406

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4dbdc0d37b503bbb1e78eeecf01ba7b9561fedf37e44d8cdfc2f3ef18df20b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10570
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 11:26:31 GMT
expires: Thu, 18 Jan 2024 11:26:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E9C 17 KB
7 KB 324ms
61ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 11:26:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 19CC 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 11:05:03 GMT
expires: Fri, 17 Jan 2025 11:05:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A37 829 B
1 KB 137ms
50ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ee4bb57845f33ca4538d3f8a5f76d4b3690b41fd5e6a6004f309cda8552a207

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eAID3WiBc2fz_ZffQKkaDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fastshare.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eAID3WiBc2fz_ZffQKkaDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 11:26:31 GMT
expires: Thu, 18 Jan 2024 11:26:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 19CC 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A37 0
0 142ms
141ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240117&jk=250548084678002&rc=
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 19CC 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZL0zog
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8A2A 624 B
246 B 81ms
79ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVjNRmg6chfKuqKLkUfoVApoRX52WLP_mZ0SJpW20BA_wPDlPcqMLXEWoKlgKDI9OmBMKvLTrZczi-t6IBqb9xoGNDkcUIpnf4owv2h8tWfZX8xv-d9Gpd652xzGpKPIoTV2mo0CwTuinc89RrzOHWOxOuVTuZ0-_Qwia9ZyrjztBu0alU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&h=280&slotname=8477927332&adk=496867508&adf=3279755397&pi=t.ma~as.8477927332&w=468&fwrn=3&fwrnh=100&lmt=1705577191&rafmt=1&format=468x280&url=https%3A%2F%2Ffastshare.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190720&bpp=2&bdt=279&idt=402&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3346766877358&frm=23&ife=1&pv=1&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=938&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pqvejpo78xbx&fsb=1&dtd=406

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&h=280&slotname=8477927332&adk=496867508&adf=3279755397&pi=t.ma~as.8477927332&w=468&fwrn=3&fwrnh=100&lmt=1705577191&rafmt=1&format=468x280&url=https%3A%2F%2Ffastshare.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190720&bpp=2&bdt=279&idt=402&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3346766877358&frm=23&ife=1&pv=1&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=938&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pqvejpo78xbx&fsb=1&dtd=406
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 11:26:31 GMT
expires: Thu, 18 Jan 2024 11:26:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F3E 89 KB
31 KB 177ms
176ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:26:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 7F3E 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:00:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 7F3E 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F3E 206 KB
66 KB 249ms
142ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:26:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F3E 42 B
63 B 140ms
140ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWPfJNMkS6LGqfiguHNPSgciNYC3wadCxu1wPf-0nI1TvGYq8fzEdQNr-46CnkqGeG9HklnvsXjBYLeYGr-xsbix0MvsbOUqkkcTza1IH5QQTglQc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8A2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1

43 B
556 B

67ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVjNRmg6chfKuqKLkUfoVApoRX52WLP_mZ0SJpW20BA_wPDlPcqMLXEWoKlgKDI9OmBMKvLTrZczi-t6IBqb9xoGNDkcUIpnf4owv2h8tWfZX8xv-d9Gpd652xzGpKPIoTV2mo0CwTuinc89RrzOHWOxOuVTuZ0-_Qwia9ZyrjztBu0alU
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBf2sFhIEY6kGW9nftGdgSClQBVggYb5hlI5O3r4UWFs8T%2FGr%2Bkag96tAiSFZWHYpcADo3v3FMFDfrOxLKT3WmHLNmS8G8rK8ePU4zitHbxPxg6BTkAjW8rs3a8wKlJ2pmJTcS3cj2P8zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84767bc9ec892685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8A2A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZakK5xe6zbhCnslxYjHDEAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1

43 B
770 B

79ms
79ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVjNRmg6chfKuqKLkUfoVApoRX52WLP_mZ0SJpW20BA_wPDlPcqMLXEWoKlgKDI9OmBMKvLTrZczi-t6IBqb9xoGNDkcUIpnf4owv2h8tWfZX8xv-d9Gpd652xzGpKPIoTV2mo0CwTuinc89RrzOHWOxOuVTuZ0-_Qwia9ZyrjztBu0alU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS2vazKobMVS%2BxFlEk0DbcgVnrz7ypejH9DTGMhwUf1flsU8AcKy3MB7mb%2BlXuQnsXQ9rC05C7Bzcih6hdea6dQ2xDCXOzdPVcMyDPzKpv%2BCbOnBxgjRVVNcSM1P4SXFAIrNlRvZSIjBVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84767bca8bc944f8-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHdOE7bNB1t9B9Nefus_lMQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8A2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKydUBtB83Bicb47puMizBg&google_cver=1

43 B
1011 B

44ms
44ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKydUBtB83Bicb47puMizBg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVjNRmg6chfKuqKLkUfoVApoRX52WLP_mZ0SJpW20BA_wPDlPcqMLXEWoKlgKDI9OmBMKvLTrZczi-t6IBqb9xoGNDkcUIpnf4owv2h8tWfZX8xv-d9Gpd652xzGpKPIoTV2mo0CwTuinc89RrzOHWOxOuVTuZ0-_Qwia9ZyrjztBu0alU

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
an-x-request-uuid: a695aa48-b10e-4cde-a8db-26139a81c486
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKydUBtB83Bicb47puMizBg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A2A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3Mjg3NjU4NjQ5MzY2MTAzNQ%3D%3D

170 B
243 B

51ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3Mjg3NjU4NjQ5MzY2MTAzNQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
an-x-request-uuid: 1b68beaa-6af1-4db2-94f8-97573aebf3ea
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk3Mjg3NjU4NjQ5MzY2MTAzNQ%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F3E 0
20 B 140ms
139ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9837693424023&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F3E 0
20 B 140ms
139ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9837693424023&version=m202309260101&ct=76&x=1&cor=4874482893112901000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7F3E 105 KB
39 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjpfKZkJuJxcbsZjymuZ4tHPeye_MdQrdWQudeTRgVS5u5A14rjI_Qdku1vyJz9kyHbOk9YDnEK81hA7FlO1_7_-AVLjbdQJOUHaQ5D9EKkTqkTjyqU1rtCvL55m8sbTayMusaJtEvI-Tkaldtd-2AapRyWtI9HBkog1RXRJd1MhIIVHY&dbm_d=AKAmf-DCeK2WVv5N1c5uOxLofG5rE3KEgO-oBS0gRj-NL8E6k-O8qbyGnNps-e83g7cUJqBDyckV6ww5t4KVuhk-442FlaRpgzYp6f-n69jHSOTYF7DTdvL1GW5fQqvwBphVUjTfTwRQ9NOh6nVOXwMnVG0alY2HzKpGRHHJ5waofmExpq0tQ-75kIaGr8kO2OkBKAUlQvYcGI9QIFzWWsCH_YYjzo0VVycbjXxLyEhNg8R-qmO8psa6sJ_37tDpBxBXGS7KGMNTjd5ie5WI20yWJpmK-w4MDKQuzeEue-CzWMEdMUWDMZ2VUrW3cvUxSu3-YWygCeX5vaYiiz2Zfr101SatCj5FTOV86hvJ-cKVO6Wk2Xli-W8N9rfVHdMwn39bf8yFR3vom2ef0O9sUSt5-0Uzrpsj2fR9Ejyy6GXUd9JvCM_mcHD_q6Q81iT0yDt1eebPZsfVczr2ZtEyY1GKqJAI0Ku7S-OBFgO84eS18HWed4DVQZuqoNfeWj4UJS98D2o6UG7y7fLhc7df7x-pcGmm6UhjvPjSyy4ll5_Jm_iH3W4MU3A3xOm4K-89ntvJAcxR9jX5PKYtrshV4CNmO9aT31GyCWgrv2VShPGPEdq8C9KKnQ2fuQeXciUOIn_FXeiruiLf8L2SASBILMH8gfprhotItVZSRGaeIPgf2ORs4M3VHhs_KG-08Uq71Hou1HUkCJ48qQ3sjhZE16XdW5cLXyfnfe3F6PBPVaLDKAfyrMF3_rnzrFaoxI0WgatSyX7AfJDwH5S0fZeuK87VNUd2QomX139PzqLJf3kyYHUTrvh0xs8qH-1Hpgn5GhRjlwxGFRxbUGHBUaKRUrNgjXPEVyrlyV-owhIdUHCcrIThe_X58rmMdWUgnc-LNVq3fWFPY5a2vLvqJv769HfFO4U2dN5o6S1sL3q7-ov7vRFhGktEK8kf6o9VmdBaWNiUkHlTF-9wKkdOQtf92woD52IuIAcC_YLJmsXPN1YgEDt5z5PLMs75N0B1EdfEQ9qsqAjKSRWtmVUZFwBBqhFMC30zsq3jXcKTYGgBKRo2mp31dHIyewgGgXGEpL0hEUd4dP73dwzw7PYV8qYWJwXJLR1eL1Bq57dgVpc_0ePqvnN_rUBv4D2__WT-0zIRX3njb2JDVin5wTO_mUpV20Mbi-boBzolkMUPGiK5uKyPUqpQmLfpN8Q4tNaGLHaximNf2WeRs2KOAFfr93AkfX25lmpdNK2gBDVp5LY6jJSMZ0vsTV4BmrScezp5BSezgEcnRUdn_P7Nn1cQv1t6KCsojjcI2EhfmI3qV1rYCCdwo66TY_XEH4oaK-GotZ9gbgR9cn8jxfYce0hdOhOjdWX9rgLcRufz66kNMW1YmRSuVqhz-dXWOrLQk-_jmMws4c675g8Nb3pcCNRfQkutHOc3XKheqvqBvVfogL6z6S_PtVzHHAFnZcl2IoDEnqFB2ZPISGtlR-fRu_97c0evg730OPZnBLCUoNDUF7uFg1qPVHymX2b6ULpYWH-iJy0W_wlwf1Gr2jkHgYy95PEhmdMNL3RJLogbZPgTZSLED8kbW6LSf3hXclo68oEVPBS5S_siFhKy-SuEt4FUz1Xe_M3E7dFEVTnVJ1Pf8AAwJzwnHkePOQqX9SWAtyyluWenW0DR9t1668e3KLfZ3lew8WgPdBOqEY8PV0rqfLb0iD46_WXVNntDY7w_9WM4pLhCU0s0vsso_y62bpczG1pvyidxEeDCnZEOTLlO5g9PmZOSkpIG_UJHKU-eiPUCtX2YJH3cLLtsMCXg7iz32LYIZrXdMDCA7fTyPyr8e6hzoJ5DL0NrfEZiBAWBGNUxf8YvMCpRZI2d11kCO6yRQTv3ddzX1Pn_t6ZdHKUOVZt6dnXgms2tj29CEgAXNkXsGGP1m-leCoMyDQ0ed_tCSRVOv4cpOhPnJZyuOuG9pplHbdg99C73oeV5LyrqbyODqG7a2dXy3ekpaPpkTCzbjWD6F3pBRpXjTqTpRY7gG05k0gQaqeF6baCaIn7Eu3iUvqO0pyI7z76x9su6PkjOeCiyjBgDZjY6-CA_36mc948uUgcdCnITJrKyUOEB6FeYTEyIPGUCvCitCj9XED9BlN5I7CNcKeaT-i0EDJUt8kf9OmS2CvAqvDSYgDJMbeTq-JD54GEacBD1cRquhh3cfrZvvwicbcgM3gVp3qM1F5SbBv1f_p5RGX9auHl22gMAs0V3I_8nxLKGi61GCZiKyYcf89EcBvLOSak8828utU4StnzRGvvOEKpHyvZVkDxNMeLHGd_O8STEXcoGYt6R2ToqRciRzeMzDdMed_sCD3o-5rv8ILtkn-YKF-Q48CIVEjq1ry3HiKwUHeBCtuT0l-vFtOooQeC0g_CtZpR65Qa-v0kUcKZoKuI58EKLAfhuHhb7TpL7rUTp0RD9lt0qL3ZBiElO-WmCKnDwpBbY_AvM-1wSpu572ISw-p4AXlbuMNCZW6_IwHugiG9Wza6iG_klsg1jsehPSpQKkiScIKDWRCK_RJptVQgmG7syuQ6RhWO5uDykRfTbWhRhsUbV9-0Cn9eKrEYXHFyGOkLjN4cjDc2TvMHk6QL6LIPmkuECe4JDvVZerzH4PwLxWKYnUTAB8t5CRlz0tWL9ZvsdL0X-bPTcD4TuwXI-m5305bqWXrQTxDk1DVD8FMT2eonrgpGmafc4b8lESQfV_hWzcnGvJHwN2ulNg5-vn6y3Av0c9v4WlRwIG7OgZETY9zN7HCW2j7dFR1q92PNHktSsrGm4p9BvsV5Mj5rrNW_nPV-pRT2prxsb-A_0k1sbUwOztqRjDy_Owy4DdAZb8fNzOqtFVjSj-DOwFYvTN2K_Rmx6jlmWXYhUYQWv9TtDLi8LnSwoweoSXI7ukmYqrRKh7h9-aBC_3BLgFMWWvqRZ6hlfQHaaTA-BOt5AdnatPL5e5wFK1NyNO7wlXKJCZGsR8nSzNs6w15-NL25qVSMlnELBjEoMienCXvDFBuzwaxM5pVZHd2ZYbGGQHbj3fU8kkLw6cnKF4OXCVg_pwHhucW7GpQT_a0d3x43nBpai8dMNA9N2utf47Rotq0BfJZreFP2ob8fy3NVKDXB5ZH3vdSYpoNghcZ7sy-tq3N669CpzSFMC5s7NLrxNR6YRob8mi38XvH0HV8Kp_8rIfx7X5HKJbPSVmruBlFMex3UqhbpYXBOL6yOLbdnFzW0dIi_4daEiWjQRtXETItQHbeAkPm-X2hpjB1Y2WfMDLBdL_rUBs-eLswZ27KtHv3GV_JBoxAtlnSwsropvVAz8IewvBCF0My1afoOLTKGJYVyEwWe6xn3qT1wHFnpilmAdPX2IKA60Ep0wFADKR0D2wIhaAWYPZ_fCY4PiKFAR3rDaCJ15fHSRPcaS0TcLyVuOoTiRI_wQ-mIoZy6uFC3PbfAJ_6kVa1cMYgNAvanv446Jxyp0n-LTWgHiiVg-3yVEvmldbvDhUlmIkivdXSe3_DmE8LrqZNJQ-QTNYdQewzKY3Tc6peQ5BI4Njb2ApyziVSdjRK8WbpqajgtdDmGZ3CE&cid=CAQSTgAvHhf_otyXK2x0kVehq6VhcSysDNA-l9KzxtHZK4uyZYr1-5VKsGv8WgtLA9-JL4GKSjkyRnAcJq6ZxgrA9bmJjH-fW_7Bf-yWrZsp4BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffastshare.live&ds=l&xdt=1&iif=1&cor=4874482893112901000&adk=4069717677&idt=183&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

552b4fbb7113c8903c32588ccea7acaf72b20aeba2ae227736af8ed84096a960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2021102314463136&output=html&h=280&slotname=8477927332&adk=496867508&adf=3279755397&pi=t.ma~as.8477927332&w=468&fwrn=3&fwrnh=100&lmt=1705577191&rafmt=1&format=468x280&url=https%3A%2F%2Ffastshare.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705577190720&bpp=2&bdt=279&idt=402&shv=r20240117&mjsv=m202401110101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3346766877358&frm=23&ife=1&pv=1&ga_vid=1151210892.1705577191&ga_sid=1705577191&ga_hid=290842331&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=938&biw=1600&bih=1200&isw=468&ish=0&ifk=2775715434&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95322195%2C95320870%2C95321627%2C95322163&oid=2&pvsid=250548084678002&tmod=970320849&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pqvejpo78xbx&fsb=1&dtd=406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7F3E 172 KB
61 KB 159ms
39ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 7F3E 12 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjpfKZkJuJxcbsZjymuZ4tHPeye_MdQrdWQudeTRgVS5u5A14rjI_Qdku1vyJz9kyHbOk9YDnEK81hA7FlO1_7_-AVLjbdQJOUHaQ5D9EKkTqkTjyqU1rtCvL55m8sbTayMusaJtEvI-Tkaldtd-2AapRyWtI9HBkog1RXRJd1MhIIVHY&dbm_d=AKAmf-DCeK2WVv5N1c5uOxLofG5rE3KEgO-oBS0gRj-NL8E6k-O8qbyGnNps-e83g7cUJqBDyckV6ww5t4KVuhk-442FlaRpgzYp6f-n69jHSOTYF7DTdvL1GW5fQqvwBphVUjTfTwRQ9NOh6nVOXwMnVG0alY2HzKpGRHHJ5waofmExpq0tQ-75kIaGr8kO2OkBKAUlQvYcGI9QIFzWWsCH_YYjzo0VVycbjXxLyEhNg8R-qmO8psa6sJ_37tDpBxBXGS7KGMNTjd5ie5WI20yWJpmK-w4MDKQuzeEue-CzWMEdMUWDMZ2VUrW3cvUxSu3-YWygCeX5vaYiiz2Zfr101SatCj5FTOV86hvJ-cKVO6Wk2Xli-W8N9rfVHdMwn39bf8yFR3vom2ef0O9sUSt5-0Uzrpsj2fR9Ejyy6GXUd9JvCM_mcHD_q6Q81iT0yDt1eebPZsfVczr2ZtEyY1GKqJAI0Ku7S-OBFgO84eS18HWed4DVQZuqoNfeWj4UJS98D2o6UG7y7fLhc7df7x-pcGmm6UhjvPjSyy4ll5_Jm_iH3W4MU3A3xOm4K-89ntvJAcxR9jX5PKYtrshV4CNmO9aT31GyCWgrv2VShPGPEdq8C9KKnQ2fuQeXciUOIn_FXeiruiLf8L2SASBILMH8gfprhotItVZSRGaeIPgf2ORs4M3VHhs_KG-08Uq71Hou1HUkCJ48qQ3sjhZE16XdW5cLXyfnfe3F6PBPVaLDKAfyrMF3_rnzrFaoxI0WgatSyX7AfJDwH5S0fZeuK87VNUd2QomX139PzqLJf3kyYHUTrvh0xs8qH-1Hpgn5GhRjlwxGFRxbUGHBUaKRUrNgjXPEVyrlyV-owhIdUHCcrIThe_X58rmMdWUgnc-LNVq3fWFPY5a2vLvqJv769HfFO4U2dN5o6S1sL3q7-ov7vRFhGktEK8kf6o9VmdBaWNiUkHlTF-9wKkdOQtf92woD52IuIAcC_YLJmsXPN1YgEDt5z5PLMs75N0B1EdfEQ9qsqAjKSRWtmVUZFwBBqhFMC30zsq3jXcKTYGgBKRo2mp31dHIyewgGgXGEpL0hEUd4dP73dwzw7PYV8qYWJwXJLR1eL1Bq57dgVpc_0ePqvnN_rUBv4D2__WT-0zIRX3njb2JDVin5wTO_mUpV20Mbi-boBzolkMUPGiK5uKyPUqpQmLfpN8Q4tNaGLHaximNf2WeRs2KOAFfr93AkfX25lmpdNK2gBDVp5LY6jJSMZ0vsTV4BmrScezp5BSezgEcnRUdn_P7Nn1cQv1t6KCsojjcI2EhfmI3qV1rYCCdwo66TY_XEH4oaK-GotZ9gbgR9cn8jxfYce0hdOhOjdWX9rgLcRufz66kNMW1YmRSuVqhz-dXWOrLQk-_jmMws4c675g8Nb3pcCNRfQkutHOc3XKheqvqBvVfogL6z6S_PtVzHHAFnZcl2IoDEnqFB2ZPISGtlR-fRu_97c0evg730OPZnBLCUoNDUF7uFg1qPVHymX2b6ULpYWH-iJy0W_wlwf1Gr2jkHgYy95PEhmdMNL3RJLogbZPgTZSLED8kbW6LSf3hXclo68oEVPBS5S_siFhKy-SuEt4FUz1Xe_M3E7dFEVTnVJ1Pf8AAwJzwnHkePOQqX9SWAtyyluWenW0DR9t1668e3KLfZ3lew8WgPdBOqEY8PV0rqfLb0iD46_WXVNntDY7w_9WM4pLhCU0s0vsso_y62bpczG1pvyidxEeDCnZEOTLlO5g9PmZOSkpIG_UJHKU-eiPUCtX2YJH3cLLtsMCXg7iz32LYIZrXdMDCA7fTyPyr8e6hzoJ5DL0NrfEZiBAWBGNUxf8YvMCpRZI2d11kCO6yRQTv3ddzX1Pn_t6ZdHKUOVZt6dnXgms2tj29CEgAXNkXsGGP1m-leCoMyDQ0ed_tCSRVOv4cpOhPnJZyuOuG9pplHbdg99C73oeV5LyrqbyODqG7a2dXy3ekpaPpkTCzbjWD6F3pBRpXjTqTpRY7gG05k0gQaqeF6baCaIn7Eu3iUvqO0pyI7z76x9su6PkjOeCiyjBgDZjY6-CA_36mc948uUgcdCnITJrKyUOEB6FeYTEyIPGUCvCitCj9XED9BlN5I7CNcKeaT-i0EDJUt8kf9OmS2CvAqvDSYgDJMbeTq-JD54GEacBD1cRquhh3cfrZvvwicbcgM3gVp3qM1F5SbBv1f_p5RGX9auHl22gMAs0V3I_8nxLKGi61GCZiKyYcf89EcBvLOSak8828utU4StnzRGvvOEKpHyvZVkDxNMeLHGd_O8STEXcoGYt6R2ToqRciRzeMzDdMed_sCD3o-5rv8ILtkn-YKF-Q48CIVEjq1ry3HiKwUHeBCtuT0l-vFtOooQeC0g_CtZpR65Qa-v0kUcKZoKuI58EKLAfhuHhb7TpL7rUTp0RD9lt0qL3ZBiElO-WmCKnDwpBbY_AvM-1wSpu572ISw-p4AXlbuMNCZW6_IwHugiG9Wza6iG_klsg1jsehPSpQKkiScIKDWRCK_RJptVQgmG7syuQ6RhWO5uDykRfTbWhRhsUbV9-0Cn9eKrEYXHFyGOkLjN4cjDc2TvMHk6QL6LIPmkuECe4JDvVZerzH4PwLxWKYnUTAB8t5CRlz0tWL9ZvsdL0X-bPTcD4TuwXI-m5305bqWXrQTxDk1DVD8FMT2eonrgpGmafc4b8lESQfV_hWzcnGvJHwN2ulNg5-vn6y3Av0c9v4WlRwIG7OgZETY9zN7HCW2j7dFR1q92PNHktSsrGm4p9BvsV5Mj5rrNW_nPV-pRT2prxsb-A_0k1sbUwOztqRjDy_Owy4DdAZb8fNzOqtFVjSj-DOwFYvTN2K_Rmx6jlmWXYhUYQWv9TtDLi8LnSwoweoSXI7ukmYqrRKh7h9-aBC_3BLgFMWWvqRZ6hlfQHaaTA-BOt5AdnatPL5e5wFK1NyNO7wlXKJCZGsR8nSzNs6w15-NL25qVSMlnELBjEoMienCXvDFBuzwaxM5pVZHd2ZYbGGQHbj3fU8kkLw6cnKF4OXCVg_pwHhucW7GpQT_a0d3x43nBpai8dMNA9N2utf47Rotq0BfJZreFP2ob8fy3NVKDXB5ZH3vdSYpoNghcZ7sy-tq3N669CpzSFMC5s7NLrxNR6YRob8mi38XvH0HV8Kp_8rIfx7X5HKJbPSVmruBlFMex3UqhbpYXBOL6yOLbdnFzW0dIi_4daEiWjQRtXETItQHbeAkPm-X2hpjB1Y2WfMDLBdL_rUBs-eLswZ27KtHv3GV_JBoxAtlnSwsropvVAz8IewvBCF0My1afoOLTKGJYVyEwWe6xn3qT1wHFnpilmAdPX2IKA60Ep0wFADKR0D2wIhaAWYPZ_fCY4PiKFAR3rDaCJ15fHSRPcaS0TcLyVuOoTiRI_wQ-mIoZy6uFC3PbfAJ_6kVa1cMYgNAvanv446Jxyp0n-LTWgHiiVg-3yVEvmldbvDhUlmIkivdXSe3_DmE8LrqZNJQ-QTNYdQewzKY3Tc6peQ5BI4Njb2ApyziVSdjRK8WbpqajgtdDmGZ3CE&cid=CAQSTgAvHhf_otyXK2x0kVehq6VhcSysDNA-l9KzxtHZK4uyZYr1-5VKsGv8WgtLA9-JL4GKSjkyRnAcJq6ZxgrA9bmJjH-fW_7Bf-yWrZsp4BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffastshare.live&ds=l&xdt=1&iif=1&cor=4874482893112901000&adk=4069717677&idt=183&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 7F3E 31 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:30:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F3E 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
DATA 200
OK truncated
/ Frame 7F3E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a8b37b7179f3b694c6062ebb4e9622e3bc5cdcf6c3c3b81300161cfe9e0ad06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3DA6 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 138744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DA6 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:33:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E9C 0
0 146ms
145ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240117&jk=250548084678002&bg=!NjWlNXrNAAa8BdJLnAU7ADQBe5WfOGijASqK8487N6Y96B3AjE1nHUUGRB6Fvq2ycIk2XLyPYORUCck_1vfLdMlsgUA7AgAAAE1SAAAAA2gBB5kC3vwt6cyUYptpzqN4VcTvW4r14VU2kbrntZY_n-cZih2Ihy0YUjPY2pXiLJMjWOVvilQelqdLcNLyN9iKpwDPBkxda1YZXJF2we0coHQaxU9re_rDj4owu6nNnkJ3Bdfl3qGDMmE_37nQ2oG3S-i_zgw7wpHpzjuaYlaone3kdXlgqhiA0e9MeetZbdCY-1aK5QOrx263PNQO7igjZvUnxacHWqtLCEuwyBtMB01hJkC7xpWPzdmN9l8Xk9Y0YO6KbOLaGEafbHPZuxNQkP46TrDEIEavs-K7-CbFqyjN-Jec5Kf-xJ5F-WrqjtCbsBBDukCxNNx83dL3j_8luO96tDp9TjgNcVXLIZ4kNlRBr91QZT8_UA6J3SL2GAK9fxapmPn-glC_JeX7MwJaEJHwILCPagJD26EbSZG20cSezh3IbfnEY50wqTeexa7vcsNI-0oARTC0bgUt1zlLy6A3f6NWDVYIE4ItGsIEFI0EGLpvt5kTymewNG0ot-5s2SUS8sdKLGpydw1EKfOSD3PPPDWG3AgdTI76A8qUuJn6xoH3TxZHgEcoJc-JYWYNyoFfGFX67ipW-JjqN2kn2Vc7-ZJIIKtcyYxUxZT46ngV4arKpO8z3MvYSzPRLWJFv82tpsvewzTo5Jnm5JxOL72pT-CuHP8SVsg8xe500mv4JOWl15GDvuI5cTTTu05Oe5P1Bh9itncLEQ3fmlxQKPAQClfb7FuPGz027KKRQhLh3ThCaiYXordKpma3h2FB4HPxeNmck4PRAmPMrrZXXNgVpHUn3gZO1F2d-X5Ins3zLmOCu2DtmwrrIzZ1T2GgkDqHKkrLAEX1hbB3JrCa40SQ4a7yYAg-ge8xCZzroIQwe2Ubfj5mTuv-i4yeqhztu4u6naJuIdp-uCiGPAH3HCZhF6ta5NRaVjQS_pdI6gi0k68AWNPmTSMbdfDW_cJ7TZF-PMvDqImsJs8hhOBDItSJ
Requested by: Host: fastshare.live
URL: https://fastshare.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fastshare.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14732190837570253625/ Frame 8922 673 B
438 B 129ms
47ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd277886d593f0655ca8efffc010682800ed865646f663af81f9bf1e2c4f11f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 409
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 11:26:32 GMT
expires: Fri, 17 Jan 2025 11:26:32 GMT
last-modified: Tue, 16 Jan 2024 15:23:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F3E 0
0 196ms
81ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtEyU8MvSJFMVFTNrjo0i1DETKt2JlId_k_15clM9UUdIMi_EhImU8jAZhRNqp7_N78ESm03EZ40pgDbyolAHsuaic4rkXQxdFeSJefU9n1mxgg09N0SIp0WH03u6SW1TOdrjs3ydUi6-raq-8T0i5uCTh0qFd5JxI_9HPm65N7U5BN9_a1kSq6XDzWFffSmJUsJWleGLYXmXza1wwEL7j2-DTYk7m1DMgjVO1ylZnPLYnCs-ogZNYp6zw4-ivV1NjSC2kxuVVTHi6-gwdIY7-oxexiS3zF7BfCnI99idJXgtCelUDBC5mG-xa3Sem4gyIIG7N2JLV42Nz7UXfDKtwp_PcVMw4QckZ8Pzyupsjd-OF4qIyYV_v2_0Ec-EHgrgzmQSCEa5B6XJj6WARD3OpbF1ueyc9gQ58-pJpD2_e1JiT8yQvgpQSd46f5fApFfdRuCRt-N0toa7m2Q7PXFg1wlV_WeQY_8vZ7DIQxghPKWxbnIzhcpR1LYUlMBwHhI13MQoNt9LTrNIp5o8gYSRfTAoKY3cnDa0rH-tkVke0bdoIQh5ANZ0DDb_Ji0526rn36M4B_X26xlnmDTPfoW2d_ipGuBFwFDkbQlsBXYA3rzDMrKTx18mVZs0C9Wx28t0lUT1BZ7eo-j44NHt0dAzKHlLGPLleNStKT-8bL6HDhoVA0T8PRmy_3ux_Ch7eQtaUScjVyxOCHvxjqe1ecnPPrMs2UyNv2KUZufjjjes4KVrKXX2ZLJups4lr_Y77w86RBxpgJABEr-6G0QtZGaipEpAaICbKv0m0F4DPM6mbG3penMA4_FD4tmCLIz5DInmxhC3URLS_QC1cmeDOPFwsazo5AvvzZXNAIKOrveR-I37OL_YH2Pw8S993-PwJXRhyhHXzBNBTi8jAlp2jXniPgL9zl-O_VhxZEDXlyLddhcROnjDbrFoaIO5WoRsLFsFmQuaZ_iDA-Tvsk4fg_LJmR7lxD_wv2ukK7Yy96SuA90OJnc_Qcr29hRQbt7SnI8K-02MJobI8aCOn9og27GqAAnQmHEf0s8DbyufJLDBVabmHxK3rUjuwOR9s7JPEo3JXoKqtWvuOFP6IpEN9wwiIuOm3hA18JELjwC3uJbD1jnjt4fMHcbAs_XBoiO7WbXk04qsCd7jLTv0TC_w6nBCXDA0yTi3sj-kTSW-4IJbvbFU5S6Hl1nWD6HtSE3zff-L2zUPkR2sOgUpK5Z8qdAGef_sTRzIPOkLSfVeOWq9vBSqKn3F45v1JBoq_UE_sG4jyvv9bU7oi6QP04VgwXydwNrG2pTyAPyhM&sai=AMfl-YS1-3k3cAekeJLRbdwTUkrAi_-pR695OHpOMaSfCXd_4tkd297LFxzit6MWqWcFSCLZow4L0J3amxOlxKowQaVUAL9DbQArmoFwiU-4zZ0oAS4ooNSk2B5ID2bh2sINSWfu02Gg62yUdAM2V34dijT5H4rl6JTpn3iBnQPJKbcLYn-YOdQSbreUouUy4Ezb_B9ytEOXV_Ll62M7xxb2yK9qdnt8Kcotw_OCira99O1IuuSeSO9IxpkGCb1RgZ7g53hHewTEj8AgXdOiDLDWKqt95LJ01-WwDgOooA&sig=Cg0ArKJSzKtPfVyEr8PaEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=238&cisv=r20240117.53706&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 11:26:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA6 0
20 B 144ms
143ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BC_Ue5wqpZcTiO5m49u8PueO32AQAAAAAOAHgBAI&bg=!UlGlUR7NAAZVxkGXdcY7ADQBe5WfOPo47HZXcw9zEH52BqMQXtkVop8xEdIgKTui_o10zR9hX25y_uDWh6h8yYsmEeeYAgAAAHNSAAAABGgBB5kDFKFmNuscWVj8bC8fhC_aINo--bfNFZeUp4U3TexYxNXYj8tbTcCC6NrP2k6Vw3II6CGS_8g07Tn-oPzkYfG4iBCpLcOCe_jKtgaHmr1SuPd5DFNEZ5wJIIVwu2DmiSG__pRJkvw_iipMxzq3vsQWzmNBma-5GA3BXrI_GYnOz4wf7SEGfWawvpmjmlMjm6X-pGXzrhMu0ZLV2O9AwVXc4uiI5y3VJf0dlVLDsaVXNjO5KcGZz3lgz4ks6zgAFl3Z0quSQQ-9YSgk91Dc7vE3vTy_PPRxAsD_FZ1eX6PiKeWVNt608UDN0yr66-bf6mnpStWxNJy0sZHfNKxnBkwVHZjjmPjIlw9OLzHlOYDz0pWq-_6EJHFKteQ0nbVMdcBFf2mK-HPTmeilBcWPuAimDXZ4Z0Dl71sfTLgE69f85VAsAajvnj9TEk0Un5wf3F2UB5Fe8xNDbibDi7rbWq0yxh_1Cexeq6EPO-yHobJB-_ZAPBOdTYSz61_ZnMl79MypySxsIdnZ1tLyhUrt00bSHbDpfv7kmu_HVQyds3_6tEnpmyjkiQxf9iQVpw4_teYvGj6hHjvxVM9fHdMTVslF94VbH0EeU_c5w_qBRl2blF5KtwxSGcv7kj2gYc7wX3j3jWr-zNmWEh063V3w5Cs-MR29QG_zeyIZ7pf8UdXhyHMHg0sioLoXId57_vsbBde1OxCPT11gkPq0d5oMdBmH3BKGiU4CSB3uM-pqaeMmZVee7-9X1jQ-9i9pjy4_L60-dFfPhDbneuczZTTQcNAPqJTYUecvpfAG2wRvIRGOoylma77j-MEpU03MOKiD0yH45lbAdrTOQzJLdJRNr65xOspmLxahpgsedYogcipiJoYYnbIVf4X2fnDvRnYv5UDzVhJkKAEtuZhMPTXHJA6VpQgQnBlmFZux9X5HnGGCVolejOMww8WduNVNaJxnP71vdj6gYNFNJAGoe07CiabiRu9f1gVcniUXm2YIbfKA7l2A5JkNy8MXWvrh5Ukf1-ksXiNZRYpUXfCYfFGaM0iP3wllKqYc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 8922 120 KB
41 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 11:17:24 GMT

GET
H3 200 template-2d058155.js Show response
s0.2mdn.net/sadbundle/14732190837570253625/ Frame 8922 37 KB
13 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14732190837570253625/template-2d058155.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:23:51 GMT
date: Tue, 16 Jan 2024 15:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13540
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:23:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index-70c4f56f.css
s0.2mdn.net/sadbundle/14732190837570253625/ Frame 8922 4 KB
1 KB 42ms
42ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14732190837570253625/index-70c4f56f.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 16 Jan 2025 12:37:09 GMT
date: Wed, 17 Jan 2024 12:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1455
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:23:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F3E 0
0 75ms
74ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtEyU8MvSJFMVFTNrjo0i1DETKt2JlId_k_15clM9UUdIMi_EhImU8jAZhRNqp7_N78ESm03EZ40pgDbyolAHsuaic4rkXQxdFeSJefU9n1mxgg09N0SIp0WH03u6SW1TOdrjs3ydUi6-raq-8T0i5uCTh0qFd5JxI_9HPm65N7U5BN9_a1kSq6XDzWFffSmJUsJWleGLYXmXza1wwEL7j2-DTYk7m1DMgjVO1ylZnPLYnCs-ogZNYp6zw4-ivV1NjSC2kxuVVTHi6-gwdIY7-oxexiS3zF7BfCnI99idJXgtCelUDBC5mG-xa3Sem4gyIIG7N2JLV42Nz7UXfDKtwp_PcVMw4QckZ8Pzyupsjd-OF4qIyYV_v2_0Ec-EHgrgzmQSCEa5B6XJj6WARD3OpbF1ueyc9gQ58-pJpD2_e1JiT8yQvgpQSd46f5fApFfdRuCRt-N0toa7m2Q7PXFg1wlV_WeQY_8vZ7DIQxghPKWxbnIzhcpR1LYUlMBwHhI13MQoNt9LTrNIp5o8gYSRfTAoKY3cnDa0rH-tkVke0bdoIQh5ANZ0DDb_Ji0526rn36M4B_X26xlnmDTPfoW2d_ipGuBFwFDkbQlsBXYA3rzDMrKTx18mVZs0C9Wx28t0lUT1BZ7eo-j44NHt0dAzKHlLGPLleNStKT-8bL6HDhoVA0T8PRmy_3ux_Ch7eQtaUScjVyxOCHvxjqe1ecnPPrMs2UyNv2KUZufjjjes4KVrKXX2ZLJups4lr_Y77w86RBxpgJABEr-6G0QtZGaipEpAaICbKv0m0F4DPM6mbG3penMA4_FD4tmCLIz5DInmxhC3URLS_QC1cmeDOPFwsazo5AvvzZXNAIKOrveR-I37OL_YH2Pw8S993-PwJXRhyhHXzBNBTi8jAlp2jXniPgL9zl-O_VhxZEDXlyLddhcROnjDbrFoaIO5WoRsLFsFmQuaZ_iDA-Tvsk4fg_LJmR7lxD_wv2ukK7Yy96SuA90OJnc_Qcr29hRQbt7SnI8K-02MJobI8aCOn9og27GqAAnQmHEf0s8DbyufJLDBVabmHxK3rUjuwOR9s7JPEo3JXoKqtWvuOFP6IpEN9wwiIuOm3hA18JELjwC3uJbD1jnjt4fMHcbAs_XBoiO7WbXk04qsCd7jLTv0TC_w6nBCXDA0yTi3sj-kTSW-4IJbvbFU5S6Hl1nWD6HtSE3zff-L2zUPkR2sOgUpK5Z8qdAGef_sTRzIPOkLSfVeOWq9vBSqKn3F45v1JBoq_UE_sG4jyvv9bU7oi6QP04VgwXydwNrG2pTyAPyhM&sai=AMfl-YS1-3k3cAekeJLRbdwTUkrAi_-pR695OHpOMaSfCXd_4tkd297LFxzit6MWqWcFSCLZow4L0J3amxOlxKowQaVUAL9DbQArmoFwiU-4zZ0oAS4ooNSk2B5ID2bh2sINSWfu02Gg62yUdAM2V34dijT5H4rl6JTpn3iBnQPJKbcLYn-YOdQSbreUouUy4Ezb_B9ytEOXV_Ll62M7xxb2yK9qdnt8Kcotw_OCira99O1IuuSeSO9IxpkGCb1RgZ7g53hHewTEj8AgXdOiDLDWKqt95LJ01-WwDgOooA&sig=Cg0ArKJSzKtPfVyEr8PaEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=471&vt=11&dtpt=224&dett=3&cstd=238&cisv=r20240117.53706&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: fastshare.live
URL: https://fastshare.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8922 7 KB
6 KB 88ms
88ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c2a13c2f24d6e7723ae6f64e657af06f4ee5fcae05047e29b9be809d414f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5725
x-xss-protection: 0

GET
H3 200 kacheln.svg
s0.2mdn.net/4528404/1693566003742/ Frame 8922 1 KB
508 B 41ms
40ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1693566003742/kacheln.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 09:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 11:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 09:00:39 GMT

GET
H3 200 agata.png
s0.2mdn.net/4528404/ Frame 8922 2 MB
2 MB 45ms
44ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/agata.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 09:05:54 GMT
x-content-type-options: nosniff
age: 8438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2436365
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 10:30:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 09:05:54 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 8922 5 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 17:08:31 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 8922 2 KB
1 KB 44ms
43ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 15:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 15:56:16 GMT

GET
H3 200 stoerer-links-oben-pink.svg
s0.2mdn.net/4528404/1698156002479/ Frame 8922 566 B
403 B 44ms
43ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1698156002479/stoerer-links-oben-pink.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d8e57ac9942eeefb1d01232cc721f5a059607dfb5272c0bd259397beb1550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 08:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 377
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 14:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 08:14:10 GMT

GET
H3 200 beste-d-netzt-vertikal.svg
s0.2mdn.net/4528404/1693818003522/ Frame 8922 4 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1693818003522/beste-d-netzt-vertikal.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8932f2b80fe5bfb96d164927d1071e51fd267bee9efdafdeed14ada1bbd663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 02:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1708
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 02:31:16 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/14732190837570253625/ Frame 8922 5 KB
2 KB 43ms
42ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14732190837570253625/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:23:55 GMT
date: Tue, 16 Jan 2024 15:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:23:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8922 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 11:26:32 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B55 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 11:05:03 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 8922 14 KB
14 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14732190837570253625/index-70c4f56f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index-70c4f56f.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:26:12 GMT
x-content-type-options: nosniff
age: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 11:41:12 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 8922 28 KB
28 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14732190837570253625/index-70c4f56f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index-70c4f56f.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:21:54 GMT
x-content-type-options: nosniff
age: 278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 11:36:54 GMT

GET
H3 200 kacheln.svg
s0.2mdn.net/4528404/1693566003742/ Frame 8922 1 KB
508 B 40ms
39ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1693566003742/kacheln.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 09:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 11:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 09:00:39 GMT

GET
H3 200 agata.png
s0.2mdn.net/4528404/ Frame 8922 2 MB
2 MB 41ms
40ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/agata.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14732190837570253625/index.html?e=69&leftOffset=0&topOffset=0&c=GrRFT3uBSz&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 09:05:54 GMT
x-content-type-options: nosniff
age: 8438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2436365
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 10:30:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 09:05:54 GMT

GET
H2 200 dc_oe=ChMIhPKolermgwMVGZz9Bx258Q1LEAAYACC3mOVcQhMIpYj3lOrmgwMVCKZ3Ch16PAbq;dc_eps=AHas8cCfzN_z9Yi_nq_XYfOi9jX4jMmLcUnybmSI1Yk_Li_3bpUjTtKtLEixViMu-sIrQMVXAoEosFk;stragg=1;&timestamp=1705577192908;s...
ade.googlesyndication.com/ddm/activity/ Frame 7F3E 42 B
401 B 303ms
73ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhPKolermgwMVGZz9Bx258Q1LEAAYACC3mOVcQhMIpYj3lOrmgwMVCKZ3Ch16PAbq;dc_eps=AHas8cCfzN_z9Yi_nq_XYfOi9jX4jMmLcUnybmSI1Yk_Li_3bpUjTtKtLEixViMu-sIrQMVXAoEosFk;stragg=1;&timestamp=1705577192908;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F3E 42 B
64 B 146ms
146ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst79ZRl1AdRRuJaQ4pAwIS7wHvjA2X0Zijt-2HnMbgc4WB3hP9WJlu8pYva7lgjK1X0qtdq1QBs6VBG9jJd8hgr4ZfWOxg3CfYuv7qGWr59Tr0azFGeZsYSIsf-9pXL5ijgP6uv2LakM3SllEtl8slpNAVQ&sai=AMfl-YS1sfggmfOyrr9izvq0S7NV0ypIANKfzg2hMSeeNclRU8bKNwCs0iA2-TpykdgTUa09wpxufCAr1MPEB0R0u5V9gNyPBn4eOTrmZdfpTjh7SPOTiPAJi1T28EMPcnUPf04c6Ln0dHLheXbOw0lq&sig=Cg0ArKJSzL6uBLiQf5d9EAE&cid=CAQSTgAvHhf_otyXK2x0kVehq6VhcSysDNA-l9KzxtHZK4uyZYr1-5VKsGv8WgtLA9-JL4GKSjkyRnAcJq6ZxgrA9bmJjH-fW_7Bf-yWrZsp4BgB&id=lidar2&mcvt=1000&p=0,295,30,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=496867508&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705577191735&rpt=422&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F3E 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9837693424023&version=m202309260101&ct=76&x=1&cor=4874482893112901000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 11:26:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fastshare.live/	1970-01-21 03:22:17	Name: FS_msg Value: 4b147d38683d886aeb59ca6530569bd07c85b72b
.fastshare.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: jrr4cc1eam0hhbcga5uhucbcf2
fastshare.live/	1970-01-21 02:31:53	Name: popupseen29 Value: true
.fastshare.live/	1970-01-21 03:22:17	Name: lang Value: cs
fastshare.live/	1970-01-21 03:22:17	Name: FS_bd Value: 8742bd3d1e3e0b7acaea2fa5cccdf7848ecac7e2
.adscale.de/	1970-01-21 02:28:33	Name: cct Value: 1705577190415
.adscale.de/	1970-01-21 02:28:33	Name: uu Value: 591dd6e49e884cc595b9b181a66eb32c
.doubleclick.net/	1970-01-21 03:07:53	Name: IDE Value: AHWqTUly1lD9F_AYhO5_CrENgfVTv48toYDikxML-sAefR_F8cYhbxb1mUPa_JjO
.casalemedia.com/	1970-01-21 02:31:53	Name: CMID Value: ZakK5xe6zbhCnslxYjHDEAAA
.casalemedia.com/	1970-01-20 19:55:53	Name: CMPS Value: 5167
.casalemedia.com/	1970-01-20 19:55:53	Name: CMPRO Value: 5167
.adnxs.com/	1970-01-20 19:55:53	Name: uuid2 Value: 3972876586493661035
.adnxs.com/	1970-01-21 03:22:17	Name: XANDR_PANID Value: SIAP4Hfn2SOVxnhswEcZuxQ14-5CZMwjviBeXTHFCmWvndAz7kAFLlTD4IpJiqchvIWyVdLP3ww0uwf7hKZvltS5Jn1zJoEQKFkPAICLVHk.
.adnxs.com/	1970-01-20 19:55:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?tshr<!]tbPl1M>e)ZlrFUfJ+tGXxoeET2s#Q6I]z?jG)8Q3ZGiHjB<8b#ru>=DlGC3If)y3KL9D3I?+S-z>>J
.doubleclick.net/	1970-01-20 22:05:29	Name: APC Value: AfxxVi5B8pjtD7yF-i0ma68Q94UGST-3vRO8Wj_EuSQdAAudaq8-8w
.fastshare.live/	1970-01-21 03:07:53	Name: __gads Value: ID=40694b516f8c88bf:T=1705577191:RT=1705577191:S=ALNI_Ma5DMRi197Q5Fpm5lZKqdDrswQMBQ
.fastshare.live/	1970-01-21 03:07:53	Name: __gpi Value: UID=00000d43b55dee8a:T=1705577191:RT=1705577191:S=ALNI_MbuffKhR2Dgk2jFw36Wn97XPNAsfA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fastshare.live
fonts.gstatic.com
gaa.adscale.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ih.adscale.de
js.adscale.de
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.250.184.226
142.250.185.98
172.64.151.101
185.89.211.84
216.58.206.34
2600:9000:223f:c400:f:4f64:8940:93a1
2606:4700:20::681a:977
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:830::2003
3.127.87.183
75.2.86.129
0a69a710b9296b49407b8da9ec13bfc36150b8fe1784e90e5886a1aa80ab73aa
0a8b37b7179f3b694c6062ebb4e9622e3bc5cdcf6c3c3b81300161cfe9e0ad06
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0219fdb4463f49218ca9a44689a21059f46a878eaed0e7a3fdb32c3bec0979
14c2a13c2f24d6e7723ae6f64e657af06f4ee5fcae05047e29b9be809d414f09
1a8932f2b80fe5bfb96d164927d1071e51fd267bee9efdafdeed14ada1bbd663
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1b78592a8e7100d6bb7b7f20dc817ba91ebd2f49eff1c74ae006234e96e08d7e
1e430bd1c5cc3d579824822786e7605d36ac37a8b44f8b99480b00cb045917de
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
2655d8437f05395e15a73021d97052e72c60130fd2f3792152e018a77bdff31c
2fb940b87ed9001f6562d79e7121997ea213f0fb27073348dcf30c51285d7c3a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3412094a8e56da93c6910b03d47b63d0c4b793cd364e7f23a43020198568701a
35df8a00a21530ec3f17faeb3feb03b4e11c4630396c452bb98dbc9bee18c49d
386e649df09dc83846fc2b641bed099467991ddc265cde3891519c3855817d5e
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44ed36414b9a251e892299c1bcd854431aaf2d5e4eb6543f4325d60abd30ba85
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
552b4fbb7113c8903c32588ccea7acaf72b20aeba2ae227736af8ed84096a960
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
58b44d975e1e1f0664d0fb8ab5b2918d08e9497324a021aa93de5894cdb586d4
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d8e57ac9942eeefb1d01232cc721f5a059607dfb5272c0bd259397beb1550c
64e1561d010de035f2c60bb41815bcd5c3bd6d44bf9ee6218577d01a947b1540
676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15
70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb
774dd73b1b56943b1097bc8d21be2323f72f1ff5bec592700b951084cc392169
7ee4bb57845f33ca4538d3f8a5f76d4b3690b41fd5e6a6004f309cda8552a207
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ea6a16fc73acfa3331a7accf7441177cca1e4f7ad9691d6dc3cc9a1625d8b85
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a59ad4aa0ce622dfa0ec74844ee996f7a1ef879dca71d4c8513a5ed51b7063fc
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ae82507852468a5d918f7be47840b1b507f09e3f7664c8af9f338b804b44f99d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14b694672a147aa8f4831209101b3b16ecd4be00388cff5df414ebe7a3ea4f2
b2be2da464f8c287bcde8d46a24c1c6bb2139ecbf17dbe339c26ba76a5c9c0d9
b4dbdc0d37b503bbb1e78eeecf01ba7b9561fedf37e44d8cdfc2f3ef18df20b0
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
cd277886d593f0655ca8efffc010682800ed865646f663af81f9bf1e2c4f11f6
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
db35b4615427cc2501bc635c9eb975793d822edb447a9307726c9a1bd816ffdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8990cc263d825c9d1265eb049d21f234a903de722666f0061eea283c9a0eac7
e899c9499a4aca16b1687b5f40517cdc2f5b5ab8b066b28f7b7e4aacd21371e7
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39a0175c3d0e75062d1c7e9bda482515e7f25a9a63363de116f416afe821526
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

fastshare.live Open in urlscan Pro 2606:4700:20::681a:977 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

95 %HTTPS

56 %IPv6

10 Domains

16 Subdomains

17 IPs

2 Countries

5706 kBTransfer

7247 kBSize

17 Cookies

9 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fastshare.live Open in urlscan Pro
2606:4700:20::681a:977 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

95 %
HTTPS

56 %
IPv6

10
Domains

16
Subdomains

17
IPs

2
Countries

5706 kB
Transfer

7247 kB
Size

17
Cookies

85 HTTP transactions
1 data transactions