autoclicker.en.uptodown.com Open in urlscan Pro
104.90.137.209  Public Scan

64 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzuwad2u7DVhVvCpKHbTU0&google_cver=1

Request Chain 62

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdDFzPv7t5HnMteEQuD1YAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjYgG1dgl-MRTgcG9d5yls&google_cver=1

Request Chain 63

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEFveKEH1ZT8z-JQO-KZY8yE&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFveKEH1ZT8z-JQO-KZY8yE%26google_cver%3D1

Request Chain 64

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDUzMTE0NjMzNjE3NDA3Mg%3D%3D

Request Chain 84

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request windows Show response autoclicker.en.uptodown.com/	66 KB 13 KB	244ms 135ms	Document text/html	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cad2495fe236b7e65e9920edcba34ee971893df9d271c72b58232f59bd4d451b Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx content-type text/html;charset=UTF-8 strict-transport-security max-age=16000000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-frame-options SAMEORIGIN content-encoding gzip content-length 12618 cache-control private, max-age=60 expires Sat, 01 Jan 2022 21:22:16 GMT date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding
GET H2	200	94ca3514a654be0fd6557d1a38bfc225e7b3e57715af8c9576edb9d351c283c4:200 img.utdstc.com/icon/94c/a35/	994 B 1 KB	55ms 11ms	Image image/webp	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/94c/a35/94ca3514a654be0fd6557d1a38bfc225e7b3e57715af8c9576edb9d351c283c4:200 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 567991343204392bf4514d04497b2836b7f22745b27d024dc65297eb65e863a7 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Sun, 10 Oct 2021 16:37:03 GMT server nginx etag "616316af-3e2" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=7252 date Sat, 01 Jan 2022 21:21:16 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 994 x-xss-protection 1; mode=block expires Sat, 01 Jan 2022 23:22:08 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	19 KB 7 KB	43ms 26ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 BXRr8anumVFsMvgN5QlueA== age 2539 vary Accept-Encoding content-length 6508 x-ms-lease-status unlocked last-modified Thu, 30 Dec 2021 19:02:47 GMT server cloudflare etag 0x8D9CBC6F83D92FD expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 9be7e4b9-c01e-0144-03bd-fd42df000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbdc7d723260-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	56ms 20ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1089 / 425 of 1000 / last-modified: 1639397097" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26912 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 01 Jan 2022 21:21:16 GMT
GET H2	200	vendor.css stc.utdstc.com/1640947956890/	5 KB 2 KB	54ms 10ms	Stylesheet text/css	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1640947956890/vendor.css Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 8d42b52d0ee5987a43c5763d7e433557ca6ac4c43a23445be5f9769762b8566b Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61cee1af-12e6" x-cache-status MISS content-length 1677 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 31 Dec 2021 10:55:43 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type text/css cache-control max-age=15552000, public content-security-policy default-src 'self' expires Wed, 29 Jun 2022 11:01:09 GMT
GET H2	200	detail.css stc.utdstc.com/1640947956890/	40 KB 7 KB	53ms 10ms	Stylesheet text/css	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1640947956890/detail.css Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 5b3b9bda8870fddbb25e02603d3f16da8ab18337a2ed0adc3a5ca1d667b10923 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61cee1af-a0a6" x-cache-status MISS content-length 6525 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 31 Dec 2021 10:55:43 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type text/css cache-control max-age=15552000, public content-security-policy default-src 'self' expires Wed, 29 Jun 2022 11:01:12 GMT
GET H2	200	vendor-en.js Show response stc.utdstc.com/1640947956890/	76 KB 25 KB	57ms 17ms	Script application/javascript	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1640947956890/vendor-en.js Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash f804374205f0854ac486f90207fdc4f9f71b1480702ee21f0c70d8eae8a715f2 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61cee1af-12eb1" x-cache-status MISS content-length 25300 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 31 Dec 2021 10:55:43 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=15552000, public content-security-policy default-src 'self' accept-ranges bytes expires Wed, 29 Jun 2022 11:01:27 GMT
GET H2	200	detail-en.js Show response stc.utdstc.com/1640947956890/	61 KB 13 KB	60ms 21ms	Script application/javascript	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1640947956890/detail-en.js Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 15d90255d64a8631dbbc3ed83812cc9da66892ddea05b4b0a95dcf777153e739 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61cee1af-f295" x-cache-status MISS content-length 12515 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 31 Dec 2021 10:55:43 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=15552000, public content-security-policy default-src 'self' accept-ranges bytes expires Wed, 29 Jun 2022 11:01:28 GMT
GET H2	200	header-btn-menu.svg stc.utdstc.com/img/	329 B 566 B	55ms 16ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/header-btn-menu.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash edf9aaeb4b02399681f93612ffecac6f2347009bffd52fb5eab056939c2399aa Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e0e7-149" x-cache-status MISS content-length 190 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:32:23 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:25 GMT
GET H2	200	logo.svg stc.utdstc.com/img/	4 KB 1 KB	54ms 16ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/logo.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 9d72f0312a1466baa268cc0ded170291c5037335cf124f840e4397dbfa850cc4 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"5f6867d7-fce" x-cache-status MISS content-length 918 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Mon, 21 Sep 2020 08:44:07 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	header-btn-search.svg stc.utdstc.com/img/	582 B 696 B	31ms 14ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/header-btn-search.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 3905e01fb4ee5610d7a1076f1c7794f9e41aa81a8d77d915cabeeaaf4fea3cc7 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e0ff-246" x-cache-status MISS content-length 319 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:32:47 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:25 GMT
GET H2	200	icon-star.svg stc.utdstc.com/img/	506 B 682 B	32ms 15ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-star.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 086082e9c25f074ab48a40655ad9c881dd4f90f10b94b69a3167ad0494932639 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fac6-1fa" x-cache-status MISS content-length 305 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:02 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	icon-comment.svg stc.utdstc.com/img/	209 B 545 B	31ms 13ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-comment.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 1392ed173851ca4cc26834f1b2556167e66620fb81c9dcd222af1bd02f390fe8 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fad8-d1" x-cache-status MISS content-length 169 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:20 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	icon-download.svg stc.utdstc.com/img/	541 B 703 B	29ms 12ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-download.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash c01524a3a9835d934fc9546e82fb2f72eb70ca3528328b537280f8d4d287a12d Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fae5-21d" x-cache-status MISS content-length 326 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:33 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	icon-shield.svg stc.utdstc.com/img/	638 B 742 B	30ms 12ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-shield.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 2c587010af5ec749079fd5a4d6c00d525c66f92da8e877f8ce89a05b4a0d7eeb Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184faf3-27e" x-cache-status MISS content-length 365 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:47 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:25 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	93 KB 37 KB	39ms 15ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-313498-1 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 24572f4f3f57022f58205899911c4f72820d418292911f92b295b57dde7b538c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37109 x-xss-protection 0 expires Sat, 01 Jan 2022 21:21:16 GMT
GET H2	200	BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2 fonts.gstatic.com/s/robotoslab/v16/	32 KB 33 KB	29ms 7ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://autoclicker.en.uptodown.com/ Origin https://autoclicker.en.uptodown.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 29 Dec 2021 09:44:38 GMT x-content-type-options nosniff age 300998 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32784 x-xss-protection 0 last-modified Thu, 16 Sep 2021 18:11:38 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 29 Dec 2022 09:44:38 GMT
GET H2	200	fe8404ab-f4df-40dd-b535-5d69e11408c8.json Show response cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/	4 KB 2 KB	140ms 119ms	XHR application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/fe8404ab-f4df-40dd-b535-5d69e11408c8.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b643d5ebc5e58fba3d24cbf62e8bfd4ab3f47a9f344e5c7059d9691c9395cc70 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED content-md5 rww2rs18Aetsty0ET9+h2A== vary Accept-Encoding content-length 1884 x-ms-lease-status unlocked last-modified Fri, 17 Dec 2021 07:28:18 GMT server cloudflare etag 0x8D9C12ECC075364 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 4f26796d-f01e-00c0-1d51-f352a2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbdccf508be8-FRA expires Sun, 02 Jan 2022 01:21:16 GMT
GET H2	200	uptodown-sticky.js Show response img.utdstc.com/apps/cache/	175 KB 52 KB	8ms 8ms	Script application/javascript	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.utdstc.com/apps/cache/uptodown-sticky.js?v=4 Requested by Host: stc.utdstc.com URL: https://stc.utdstc.com/1640947956890/vendor-en.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7d9b0c517f4788914440931fe8c4d3d103cc1d3efa45ab479db63f6690987d3a Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61a8f4e6-2bc09" content-length 52475 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 02 Dec 2021 16:31:34 GMT server nginx x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=15552000 content-security-policy default-src 'self' accept-ranges bytes expires Wed, 01 Jun 2022 10:31:31 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	163 KB 61 KB	15ms 14ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d26a8c2231c34eba91194b77153976179d678cfae9014403e57a12faf1aa2daf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61862 x-xss-protection 0 expires Sat, 01 Jan 2022 21:21:16 GMT
GET H2	200	menu-windows.svg stc.utdstc.com/img/	274 B 596 B	8ms 7ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/menu-windows.svg Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 58378bf5f6a6c3493374a7e30e2d59b5287f9f3ed854f4e4866da31f36440738 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e134-112" x-cache-status MISS content-length 220 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:33:40 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:16 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	d5928f0fd0b6fc6c46d2bdf26fd71c1c5bee5b21fb39d9912497f0c5a0ccac45:200 img.utdstc.com/screen/d59/28f/	4 KB 4 KB	9ms 8ms	Image image/webp	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/d59/28f/d5928f0fd0b6fc6c46d2bdf26fd71c1c5bee5b21fb39d9912497f0c5a0ccac45:200 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash ec201610c9cfdcd431cb93ce59df41323cbfab2e0b67926fa7ee422e181e55bb Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 18:07:43 GMT server nginx/1.14.2 etag "607dc6ef-fe0" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=1668 date Sat, 01 Jan 2022 21:21:16 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 4064 x-xss-protection 1; mode=block expires Sat, 01 Jan 2022 21:49:04 GMT
GET H2	200	1bbdcf3e59a85980d137e1f296762c67a0d5be71c5338662ebe74cdc02b87d42:200 img.utdstc.com/screen/1bb/dcf/	4 KB 5 KB	9ms 8ms	Image image/webp	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/1bb/dcf/1bbdcf3e59a85980d137e1f296762c67a0d5be71c5338662ebe74cdc02b87d42:200 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 733a4c81dafa3225d28de3749bbfc287e00f26fe5567ba00085b0f20a817714a Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 11:25:28 GMT server nginx etag "607d68a8-11ac" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=16854 date Sat, 01 Jan 2022 21:21:16 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 4524 x-xss-protection 1; mode=block expires Sun, 02 Jan 2022 02:02:10 GMT
GET H2	200	8ca635b0af16589723e4bdb37f729c0274c4ef3987e5d7cad8bbee9d7f28f524:200 img.utdstc.com/screen/8ca/635/	4 KB 4 KB	10ms 9ms	Image image/webp	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/8ca/635/8ca635b0af16589723e4bdb37f729c0274c4ef3987e5d7cad8bbee9d7f28f524:200 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash eea68515537106e4f83c75a30ba353dbab3be8b0089b6a617a5aa2ba54d1cf6c Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 16:27:06 GMT server nginx etag "607daf5a-1070" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=9550 date Sat, 01 Jan 2022 21:21:16 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 4208 x-xss-protection 1; mode=block expires Sun, 02 Jan 2022 00:00:26 GMT
GET H2	200	2580987f030b4d8be4572c9d9d0ebb72ab298f145616a37df2f6ed2cbe3f1827:200 img.utdstc.com/screen/258/098/	4 KB 5 KB	10ms 10ms	Image image/webp	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/258/098/2580987f030b4d8be4572c9d9d0ebb72ab298f145616a37df2f6ed2cbe3f1827:200 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash ed2c0695aea481f7423c2cc9157fa8dc11495b7709b1955145e419aeabd2dce9 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 11:25:28 GMT server nginx etag "607d68a8-1122" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=16917 date Sat, 01 Jan 2022 21:21:16 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 4386 x-xss-protection 1; mode=block expires Sun, 02 Jan 2022 02:03:13 GMT
GET H2	200	b8db5b988f847bb4d3463a84d54f87021e669b41396620aefef0639880032634:200 img.utdstc.com/screen/b8d/b5b/	4 KB 5 KB	11ms 10ms	Image image/webp	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/b8d/b5b/b8db5b988f847bb4d3463a84d54f87021e669b41396620aefef0639880032634:200 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash f6146176daa2b7737333af228a50c6fb7f5f37bf69953d72df926fe83670e97c Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 17:38:59 GMT server nginx/1.14.2 etag "607dc033-10be" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=7556 date Sat, 01 Jan 2022 21:21:16 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 4286 x-xss-protection 1; mode=block expires Sat, 01 Jan 2022 23:27:12 GMT
GET H3	200	pubads_impl_2021120601.js Show response securepubads.g.doubleclick.net/gpt/	348 KB 117 KB	37ms 19ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119476 x-xss-protection 0 last-modified Mon, 06 Dec 2021 09:34:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 01 Jan 2022 21:21:16 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	304 B 184 B	30ms 15ms	XHR application/json	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=autoclicker.en.uptodown.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 257102611adba35912d1182ddaa1fe7a6b4470c626ac3c26d9bc6e5b4e771772 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 159 x-xss-protection 0 expires Sat, 01 Jan 2022 21:21:16 GMT
POST H2	204	collect www.google-analytics.com/g/	0 179 B	36ms 14ms	Ping text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=2oec10&_p=1372644808&sr=1600x1200&ul=en-us&cid=2129138816.1641072076&_s=1&dl=https%3A%2F%2Fautoclicker.en.uptodown.com%2Fwindows&dt=AutoClicker%201.0.0.2%20for%20Windows%20-%20Download&sid=1641072076&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://autoclicker.en.uptodown.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autoclicker.en.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6382 date Sat, 01 Jan 2022 19:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 01 Jan 2022 21:34:54 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	165 B 374 B	51ms 34ms	Script text/javascript	2606:4700:10::6814:b844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6c6ecbddaf0fe007-FRA
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	67ms 20ms	Script application/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: img.utdstc.com URL: https://img.utdstc.com/apps/cache/uptodown-sticky.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm content-encoding gzip etag 1e39d25f07f5619925357b752ab10d04 age 30 x-cache Hit from cloudfront server Server x-amz-rid 0R606Q7SZ5VMT4JK81RK date Sat, 01 Jan 2022 21:20:49 GMT vary Accept-Encoding content-type application/javascript via 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea9.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop DUS51-P2 accept-ranges bytes timing-allow-origin * x-amz-cf-id 4l3q_2kuVcD4tghJEou-fjfCEQqgsGXMkHn6NJaciIZROjjgnhVH7w==
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	65ms 16ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=autoclicker.en.uptodown.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	53ms 15ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=autoclicker.en.uptodown.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	740ms 740ms	XHR text/plain	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2608469760198637&correlator=978443337546755&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220101&iu_parts=1060150%2CADHESION_ADS%2CADHESION_LEFT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C160x600%7C120x600&eri=1&cust_params=type%3Dgc%26ssmasdomain%3Dautoclicker.en.uptodown.com%26ssmasin%3D1%26ssmashour%3D21%26ssmascategory%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1641072076&dt=1641072076440&dlt=1641072076202&idt=213&frm=20&biw=1600&bih=1200&oid=2&adxs=-8&adys=300&adks=2300448503&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fautoclicker.en.uptodown.com%2Fwindows&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3909&msz=300x-1&ga_vid=2129138816.1641072076&ga_sid=1641072076&ga_hid=1372644808&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 8e3b6dee1de2b26ca61547f55e062dcddb299e21fd217c7f14a58e2264476bbd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10524 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://autoclicker.en.uptodown.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	22 KB 11 KB	354ms 354ms	XHR text/plain	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2608469760198637&correlator=1295179365493820&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220101&iu_parts=1060150%2CADHESION_ADS%2CADHESION_RIGHT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C160x600%7C120x600&eri=1&cust_params=type%3Dgc%26ssmasdomain%3Dautoclicker.en.uptodown.com%26ssmasin%3D1%26ssmashour%3D21%26ssmascategory%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1641072076&dt=1641072076445&dlt=1641072076202&idt=213&frm=20&biw=1600&bih=1200&oid=2&adxs=1308&adys=300&adks=421840022&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fautoclicker.en.uptodown.com%2Fwindows&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3909&msz=300x-1&ga_vid=2129138816.1641072076&ga_sid=1641072076&ga_hid=1372644808&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash a6542250e5bcb1d9672bc383e7852e294270a73672e525cb1e11bbb9e152898a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11164 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://autoclicker.en.uptodown.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5174	6 KB 4 KB	92ms 14ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 01 Jan 2022 21:21:16 GMT expires Sun, 01 Jan 2023 21:21:16 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	29ms 14ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1372644808&t=pageview&_s=1&dl=https%3A%2F%2Fautoclicker.en.uptodown.com%2Fwindows&ul=en-us&de=UTF-8&dt=AutoClicker%201.0.0.2%20for%20Windows%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=666390467&gjid=754371283&cid=2129138816.1641072076&tid=UA-313498-1&_gid=1812733322.1641072076&_r=1&gtm=2ouc10&z=2035114388 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://autoclicker.en.uptodown.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autoclicker.en.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.25.0/	318 KB 76 KB	20ms 20ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 wv3c0qnkBhaWE//T4i2BGA== age 5601703 vary Accept-Encoding content-length 77456 x-ms-lease-status unlocked last-modified Fri, 22 Oct 2021 16:52:46 GMT server cloudflare etag 0x8D9957C5F8AA42D expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id c7192146-801e-00c4-7e63-cca720000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbddff483260-FRA
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 448 B	42ms 14ms	XHR text/plain	2a00:1450:400c:c0a::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-313498-1&cid=2129138816.1641072076&jid=666390467&gjid=754371283&_gid=1812733322.1641072076&_u=YADAAUAAAAAAAC~&z=464663842 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://autoclicker.en.uptodown.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 01 Jan 2022 21:21:16 GMT content-type text/plain access-control-allow-origin https://autoclicker.en.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 311 B	122ms 121ms	XHR text/plain	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fautoclicker.en.uptodown.com&pubid=9fb11589-5021-48ea-beaa-c53b84a2543f Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT via 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea9.cloudfront.net (CloudFront) server Server x-amz-cf-pop DUS51-P2 x-cache Miss from cloudfront access-control-allow-origin https://autoclicker.en.uptodown.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id hnPw9ZyGVtUAlWHaZ6aJ4iE9wzlIBAcCdwQKFVn9OyMmAo4Sy-f70Q==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	43ms 24ms	XHR application/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" x-amz-cf-pop DUS51-P2 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 22 Dec 2021 01:41:37 GMT server AmazonS3 date Sat, 01 Jan 2022 21:21:16 GMT vary Origin access-control-allow-methods GET content-type application/javascript via 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-id Rtopm2C5TbFc98X2Yx51nGEsVMh0l0ASkrpaiaLxIVW98q5tSwyJbA==
GET H2	200	en.json Show response cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/94924637-c1e5-4c85-810e-08532d82add4/	46 KB 10 KB	22ms 21ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/94924637-c1e5-4c85-810e-08532d82add4/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 465060aafa2f8175137e65e80292a14b544cf34ccab65ce49fb028a763024404 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 u21ME32j6hYb4S+vChIfLQ== age 6271 vary Accept-Encoding content-length 10315 x-ms-lease-status unlocked last-modified Fri, 17 Dec 2021 07:28:30 GMT server cloudflare etag 0x8D9C12ED3749894 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id b5fd722a-701e-0174-06b6-f618f5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbde4aa38be8-FRA expires Sun, 02 Jan 2022 01:21:16 GMT
GET H2	200	iab2Data.json Show response cdn.cookielaw.org/vendorlist/	272 KB 38 KB	14ms 14ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/vendorlist/iab2Data.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f56ac6c7d8481f7404ef9312cb58f84742761b90f813bdeba8c98fbafef1cf4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 jpATlDQ6iH30xdinMFIcPQ== age 7822 vary Accept-Encoding content-length 38381 x-ms-lease-status unlocked last-modified Sat, 01 Jan 2022 13:00:05 GMT server cloudflare etag 0x8D9CD26A1D662DD expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 5b87cec8-301e-0099-1943-ff5724000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbde4aa58be8-FRA
GET H2	200	otTCF.js Show response cdn.cookielaw.org/scripttemplates/6.25.0/	68 KB 15 KB	27ms 27ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.25.0/otTCF.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 YXJYn5Vw+11yZ/srS1Yf2Q== age 6470021 vary Accept-Encoding content-length 14952 x-ms-lease-status unlocked last-modified Thu, 14 Oct 2021 05:25:47 GMT server cloudflare etag 0x8D98ED3140A205E expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 75965901-e01e-0031-0b6c-c48331000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbde4f983260-FRA
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	53ms 31ms	Image image/gif	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=2129138816.1641072076&jid=666390467&_u=YADAAUAAAAAAAC~&z=97396837 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 500 B	48ms 47ms	XHR text/javascript	108.156.255.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fautoclicker.en.uptodown.com%2Fwindows&pid=Aa0E1X74duWYH&cb=0&ws=1600x1200&v=7.71.1&t=900&slots=%5B%7B%22sd%22%3A%22ssm_container-394897441%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F1060150%2FADHESION_ADS%2FADHESION_LEFT%22%7D%2C%7B%22sd%22%3A%22ssm_container-929693429%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F1060150%2FADHESION_ADS%2FADHESION_RIGHT%22%7D%5D&schain=1.0%2C1!https%253A%252F%252Fwww.semseoymas.com%252Fsellers.json%2Cc058f544c737782deacefa532d9add4c%2C1%2C%2CUptodown%2Cuptodown.com&pubid=9fb11589-5021-48ea-beaa-c53b84a2543f&gdpre=1&gdprc=CPSJ7n-PSJ7n-AcABBENB8CgAAAAAH_AAChQAAAQ-AJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAASAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMEbgAAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.255.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:16 GMT via 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea9.cloudfront.net (CloudFront) server Server x-amz-cf-pop DUS51-P2 x-amz-rid ZSES71FJH9RKGE4E4KG7 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://autoclicker.en.uptodown.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id slskM_Jzv9Cdx9HhetYY-EZ2cyr6y-Q2iHveu2zkbH-YJZNrRVnepw==
GET H2	200	otCenterRounded.json Show response cdn.cookielaw.org/scripttemplates/6.25.0/assets/	9 KB 3 KB	14ms 14ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCenterRounded.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 GusGKeZw4BFJM/nj45byyg== age 7822 vary Accept-Encoding content-length 2584 x-ms-lease-status unlocked last-modified Fri, 22 Oct 2021 16:52:37 GMT server cloudflare etag 0x8D9957C5AAAE362 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id ca03ee3e-e01e-00b9-5656-f23be8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbdedbfe8be8-FRA
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/	47 KB 12 KB	17ms 17ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcTab.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 HVRygTYMrq20E07mjabR6A== age 7822 vary Accept-Encoding content-length 11929 x-ms-lease-status unlocked last-modified Fri, 22 Oct 2021 16:52:39 GMT server cloudflare etag 0x8D9957C5B4EFA5E expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 99e98ba6-101e-00ca-7b0c-de4b2b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6c6ecbdedc018be8-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.25.0/assets/	20 KB 4 KB	18ms 18ms	Fetch text/css	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ye6OeZcNyuFoWog7CYs00A== age 7822 vary Accept-Encoding x-ms-lease-status unlocked last-modified Fri, 22 Oct 2021 16:52:54 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 205da904-601e-00a8-0c49-e00cf3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 6c6ecbdedc028be8-FRA
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	57ms 21ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 35463e5a564ccd11d6fd23a92fab09df672b62d0c4d66062d8dff008aedf5ac8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 21:21:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8543 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	1162ms 1133ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:17 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 expires Sat, 01 Jan 2022 21:21:17 GMT
GET H3	200	container.html Show response 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B1BA	6 KB 3 KB	21ms 7ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Sat, 01 Jan 2022 21:21:16 GMT expires Sun, 01 Jan 2023 21:21:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame F7FA	624 B 974 B	40ms 17ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj4tsCjATAB&v=APEucNVLhFEZaXVOJ7eV2ro9gp7RLcgy0X-c8ch_YVjChOJan97B1HujbzR3bzaZf4E3IvhYMb1u0IJOWoiaUTNVJk79KZ2Uu1VbR1ddVmde2W-E-JFkjSiC3ASYf8F7BRZlL2ic67Gt--qauXJIpTIa-fiERfxd4SgIOhHmRQzIOaLq4-1YbX8 Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Sat, 01 Jan 2022 21:21:16 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 01 Jan 2022 21:21:16 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame B1BA	24 KB 14 KB	61ms 39ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC3VGsfj9N9gA-r5naxenJJYHniAnITjJlmVwEXV2HZ9Voctz1r0Ost_Z5gtQbusH37Ob2K8tzyHIF16KyVc1HsiIUudSqWT-n-CJXqgifRvcvVFMpTTZWGZFPWr5xLD8BYDfoG4Fk7zqqaHdS5-E1IgUVww&cry=1&dbm_d=AKAmf-BZEakKhhHSebtvg5_gmjEEr_A1BP7wr7lfMMVM8HskjUcwfCnSpCnnF_bPCJbvZsxVI8ZXtUJHDDspoZhoP1Sj8o-h79n6xTm80gJtTwD52SdtLqboHDWpbZDAedDQPygLkOYJW0J4Xe3Q5Y1dsc0q2KybHEXGbplXuP55qTcFoaNPiUgWqDVz1KSOhMNJY1mmyLjqF6ChjhDhXapkPdY2m7SwD0hWwCqmCkSg5HI_Yb2Is0VxX1yEazPkqM2elnlxj1lzRsT7F1NDqVasZbTr2PRq3ZdQNmQ54nW4nsjm_XrDbQ5GjiQlGxsZ7VhEgnTdjVttqY1Ot_zYHxO5MH-rOQxvwaDZVW84tAeIuV-eTJ67D7N6KXVdyiZ_-LOR67rIcCfNc2DSDKDih2yuEoiaw9X_DA0pBOiqEjyIyv7abtVjRNy8a9Sa9ayYZrirvovLJ9YhtX0GhI8HVsL59mme7HS8mw9vz-V5e8IiSCZH47sBG4AQOn6lFLv4Ar7Rm6ZvCkb7r8gV73EhzoKHmb_S0NAg2lGOobDTKfWfgiY5_nN6AVmsB_OtFUIe24q3uIf72ohboInnadC0nYRIROsQrRwBDdTQkYCFFz3KHTLVfStmlChrPVovogNEzf9Jg4j6SkLqNldiyc2ranIH4ILTyN2KwUiBgSRPp7I4cdv_Th3K5YdcWNc3mTrFcmtmIW9bcfvY1Y_LiRRUhtYCTD73W2HA80cot82XBumcyd6gk48-FJL-7_79kd3fvdKQE2qkGHbwE3FGMv7tnFP0lrjzPO4wG23PetlVyXBEOowGrtGKe6uPboEBp4WV9p0By-akOxy0x1So5Z4Ne5rYyle2zhsXe9HjRgzSGuHJWfzftkJaIvxhWQNbPoOHeLB7gEGui7s2eK-9FrWWTVAUoX0hy-xdbsKfc_fAPolOaNVNYTb5K6qsMIEO6xZ-VNOXKtbB2QmzAOEgFUuZmAc7rJmQRxie0-d20ZVprICu0_mPt_lO8kiM3OlpOn2NaFJm1z_VWhZifDhE1Ets2w7bp_FANugWYdcFgCi0HoG_Zx7OvyLJIK-fSmnwQX6c2ff5wdGuH_j1pYXKWSpVowAy3xdvp0WZ1VCQB1F9rnBUg-z6vc3JLxBxUytLOyXKOBmsZ4-SFnOcpx9RcUO2fVFFRP3PkNtp4M65Yw5PVUUy2UfPD8LxnsO10KQNRjML74Rg0Jj33tIcBk5a7iqq-I-_fec72IVvFPXeDzOK62BIfp7AYinSvC9BwRGbZUumcw50tJIe3TsGqoHFhDk15Nmzzo_xQaeaBddhW96inWvdTmD3XuGBUCmEazoAI4b8DpwOTi2R0GJPF5ZkszYZbMGjZbU6dBnu-7GjygGxnMe_VJihzx-jlLl5J_BGQCNyZNELEza8DrfC37VFEIn5X23U0f5IBdAGaxP25xYR-zVdrQXg5cL8zDsS5_Sq-cMr1rpfeDxdhhDojq-46b9y0GdMvV1fMNosKWLLsznKDmaz6jUsMOblPHZJViY5u5tnGtTDLz2I4Kvb9ax05tP2fqOP5FeNlHzp1V-BiEzGrpY8IJOswvpIjf9_YwRJlIuRYhhPWIDs-xF6hv9GsN3iSlnP7BIS5mMaYr-onYGkJRs7dBsO0-WyRT_Ro0g4ZY47Oc86vAdJbG-jl7O4UodUuhvAEbD26oj3f-oAKqSz0J1yCi6gBt-4kCJFS6hFAYNvmm_FevsCQJ9sRBG50bybrzDOd7KJjPbdaf0WtGe1_lT8onsKnRCxSPxzZC6PgH3sb6d4lGt_q5hBOBoIKGwgBtGt0sn2drPt9wM1O5MV6eT3chx4EujyU2NAQK0L27hQONb8ZfpfT7yvcdp71PHbNKTYCo0E8iAK4-9LaQXAufAE9OEuqMvShoq6ZiaXdtIf22Ytc9QuFIsj3vBEv31MeWjC_IAXBC3VB2BckQZvFxjIFRPjhevpYRabfujCGWDkwN7dsm1ipDcb-6G61o1zy4r28EcijKBxEDRVNUJo0EzfWL_9G7IRjEMCN2YnR1kr2tmkcGZ1LwJS2BCrBMlFYcnGFvhHAKHBk5n7u-fqInrOcd15SjyAgXr6sMylphuTBLkdE62zVF4l5Ua3dPbSwMyqrISq7HOf7zCNMPaBC_U-oDdUfGgJhbUVTK6q2CmSzdJZmzi3YRRdVQfBUjLPlIeE_gV3AJnz65o8eXFKuVzUbkAm7hZd95HrCzfpy0Aw771ztH7KjqydrHk39kE3mr1y_CwTdqO3uiFPF3HiEjfXwl9EctlgqfkEaFDWvHogqdTqTgummMad0qIvFe-hCtutoSjHfJ88tAB6AnIjgIPgP8vWBiS8HgSWUsN4y_2H07QVQQ4J7_i87RzY2AvaKhBx-ScyDXaVWlhBt0NdZTtpRIXl2n8CBR6UVc_4hy-HH9GN7G-yX8pl9H_YmorOv2prgiVoadkATVcoQDh7_S3XmSaQ2MxQgGn1h6tyRNDICfIZCl2sxnAoj38RCPPfUw67qhsQO_BAtDb6Vl-vEoLRBTrpo2mU628O_b1qwKn6YrNbTEF6moJZx-d-4LjEJagD_99m1qx_8aFXL2fiy2LY0g_4dxxIRvUaLyKjnSbgQ9ZqhsMJXAnebGbYQAKmRqFipb_CS53vgCWuoS8pxGhjQSH3fHTGMCcrf8wwX6owKWSa7TonOvzQVIFRNU8QItrzCaiSaShkvAz7XRtppdQdLR58KIuBN7zFJ-Vnpb9sF3Oa6kgLi0QoSXEWucN1vkUL06kHMXohLT0FWwXoAZeEAje8IqqrjYZJtnven_RXeZHWoEwCSbrmlirU9jVFaNWqLDQox_bWb0nFXmVx1vKSZr1IBG8Sv4avE0SEZ1FgXX_hVfIFE3W7WW-xxURuc1sUGLA0KZ3qzBuDfChet2hWI7v9nSXOUy151ya4BWpaKPFuYVUTHzQK-NMQaXXfxdaoI8NkNoHYdFpKKIScQCXZc1zmvFRQsNU1pi6jXgBj9D03-sN8hYe5aeKA0mKz_Zb7WHfKNwuG9n4yg89q2rNPT-A-NRXsSQkS6Yz_LvCA0pXQoowaf2BQtvwK2yBazygir5zPEjJ0J4092ZB3IS8BvHSvo_6LEaRAmrJYFb9UtsTrR3jyGKUjG3BeaP3KVqnAR_RhJf9d06KLVZuDi4WPxRK6Y2dbCrL4GfTnlqkYU8Ij5h136XgZLeaYEeqaW7oPuBF-N7KnDZAbraLVdcesfnXfuLqdiYHaJKV9qg7eeo4yKZRX_sTAalHCyH6Bh0W0JJp1jXi2y9fdreZwEw5oIizzB03YsRfMVrRchfQqI2t0aO1QFUZK-b8rhRnWrF7VnylzpROvltIox0HzZE7KDLbPMOO-bGQ9j52nowrSzSwUJ6KVQq8F_XJWbvZrrT8g_B--11sJUkMvtguhE7HvOn4XGyVTFEzVGp2Hd4aShHNuP9yWUF4Ub0fL5peMo_4EOiHVJKVkIg&cid=CAASFeRoxoSFTvwo3Ow8sfV_X_4wDPhIvQ&rfl=1%2Chttps%253A%252F%252Fautoclicker.en.uptodown.com%252F%240 Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ffb710a930dd836a6f518134d9f38a5495a16974629b81718cacf03878058809 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14327 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B1BA	42 B 63 B	54ms 39ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AX9HueKmv-YSa4La87ocLNc_ZQmkui8pC5mTaMd7jskalWpLJPHzlQs7wEqF9sT8dRHQ1bs343kLq47CvwmHGtcpuCg5qH8ty5ftd98CkURowK7b8 Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame B1BA	2 KB 1 KB	101ms 15ms	Script application/javascript	2a02:26f0:b600:1af::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172055&sid=18330&dvregion=0&unit=300x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0g96soSTHHl8fVfJ5lLx1aQ&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118298&DVP_DBM_4=342891384&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30723516090&turl=https://autoclicker.en.uptodown.com/windows&DVP_PP_BUNDLE_ID= Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 21:21:16 GMT Content-Encoding gzip Last-Modified Wed, 08 Dec 2021 09:35:31 GMT Server Microsoft-IIS/10.0 ETag "8f6388f116ecd71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1163
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame B1BA	8 KB 4 KB	102ms 16ms	Script application/javascript	2a02:26f0:b600:1af::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0g96soSTHHl8fVfJ5lLx1aQ&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118298&DVP_DBM_4=342891384&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30723516090&turl=https://autoclicker.en.uptodown.com/windows&DVP_PP_BUNDLE_ID= Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash da9aed600982c4847517d696f18e6c08884c6af8af578bba260590373fc63799 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 21:21:16 GMT Content-Encoding gzip Last-Modified Tue, 28 Dec 2021 09:42:49 GMT Server Microsoft-IIS/10.0 ETag "80327b46cffbd71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3291
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B1BA	2 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:12:06 GMT content-encoding gzip x-content-type-options nosniff age 550 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 15 Jan 2022 21:12:06 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B1BA	119 KB 37 KB	833ms 470ms	Script text/javascript	2a00:1450:4019:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4019:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:21:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37305 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1638461285297402" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 01 Jan 2022 21:21:17 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B1BA	15 KB 7 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:04:04 GMT content-encoding gzip x-content-type-options nosniff age 1032 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6464 x-xss-protection 0 server cafe etag 15715955993838318253 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 15 Jan 2022 21:04:04 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame B1BA	0 0	31ms 14ms	Image text/html	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHXaZcJ0MDFxiDLby0gIuc1bAc-CkXyz6G5kPHhWEkdRqSEiXWmWHczaYvzySL4WJ84JloHdnY0LHqP6KX7Rsx13t5_A Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F7FA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzuwad2u7DVhVvCpKHbTU0&google_cver=1	43 B 1014 B	25ms 12ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzuwad2u7DVhVvCpKHbTU0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj4tsCjATAB&v=APEucNVLhFEZaXVOJ7eV2ro9gp7RLcgy0X-c8ch_YVjChOJan97B1HujbzR3bzaZf4E3IvhYMb1u0IJOWoiaUTNVJk79KZ2Uu1VbR1ddVmde2W-E-JFkjSiC3ASYf8F7BRZlL2ic67Gt--qauXJIpTIa-fiERfxd4SgIOhHmRQzIOaLq4-1YbX8 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:16 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 01 Jan 2022 21:21:16 GMT Redirect headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzuwad2u7DVhVvCpKHbTU0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F7FA Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdDFzPv7t5HnMteEQuD1YAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjYgG1dgl-MRTgcG9d5yls&google_cver=1	43 B 894 B	13ms 13ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjYgG1dgl-MRTgcG9d5yls&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj4tsCjATAB&v=APEucNVLhFEZaXVOJ7eV2ro9gp7RLcgy0X-c8ch_YVjChOJan97B1HujbzR3bzaZf4E3IvhYMb1u0IJOWoiaUTNVJk79KZ2Uu1VbR1ddVmde2W-E-JFkjSiC3ASYf8F7BRZlL2ic67Gt--qauXJIpTIa-fiERfxd4SgIOhHmRQzIOaLq4-1YbX8 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:16 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 01 Jan 2022 21:21:16 GMT Redirect headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjYgG1dgl-MRTgcG9d5yls&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame F7FA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEFveKEH1ZT8z-JQO-KZY8yE&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFveKEH1ZT8z-JQO-KZY8yE%26google_cver%3D1	43 B 1 KB	8ms 8ms	Image image/gif	37.252.172.45 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFveKEH1ZT8z-JQO-KZY8yE%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj4tsCjATAB&v=APEucNVLhFEZaXVOJ7eV2ro9gp7RLcgy0X-c8ch_YVjChOJan97B1HujbzR3bzaZf4E3IvhYMb1u0IJOWoiaUTNVJk79KZ2Uu1VbR1ddVmde2W-E-JFkjSiC3ASYf8F7BRZlL2ic67Gt--qauXJIpTIa-fiERfxd4SgIOhHmRQzIOaLq4-1YbX8 Protocol HTTP/1.1 Server 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:16 GMT X-Proxy-Origin 91.199.118.77; 91.199.118.77; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid f6cd309c-91bc-4e72-afdc-c7b8816d8f91 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:16 GMT X-Proxy-Origin 91.199.118.77; 91.199.118.77; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 43baa02b-2635-48f7-b7fa-bb4cfa0973cd Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFveKEH1ZT8z-JQO-KZY8yE%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F7FA Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDUzMTE0NjMzNjE3NDA3Mg%3D%3D	170 B 188 B	17ms 16ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDUzMTE0NjMzNjE3NDA3Mg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj4tsCjATAB&v=APEucNVLhFEZaXVOJ7eV2ro9gp7RLcgy0X-c8ch_YVjChOJan97B1HujbzR3bzaZf4E3IvhYMb1u0IJOWoiaUTNVJk79KZ2Uu1VbR1ddVmde2W-E-JFkjSiC3ASYf8F7BRZlL2ic67Gt--qauXJIpTIa-fiERfxd4SgIOhHmRQzIOaLq4-1YbX8 Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:16 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:16 GMT X-Proxy-Origin 91.199.118.77; 91.199.118.77; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 113b1eae-2b1b-4571-94bb-bcf096afd1b3 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk0NDUzMTE0NjMzNjE3NDA3Mg%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame B1BA	24 KB 9 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC3VGsfj9N9gA-r5naxenJJYHniAnITjJlmVwEXV2HZ9Voctz1r0Ost_Z5gtQbusH37Ob2K8tzyHIF16KyVc1HsiIUudSqWT-n-CJXqgifRvcvVFMpTTZWGZFPWr5xLD8BYDfoG4Fk7zqqaHdS5-E1IgUVww&cry=1&dbm_d=AKAmf-BZEakKhhHSebtvg5_gmjEEr_A1BP7wr7lfMMVM8HskjUcwfCnSpCnnF_bPCJbvZsxVI8ZXtUJHDDspoZhoP1Sj8o-h79n6xTm80gJtTwD52SdtLqboHDWpbZDAedDQPygLkOYJW0J4Xe3Q5Y1dsc0q2KybHEXGbplXuP55qTcFoaNPiUgWqDVz1KSOhMNJY1mmyLjqF6ChjhDhXapkPdY2m7SwD0hWwCqmCkSg5HI_Yb2Is0VxX1yEazPkqM2elnlxj1lzRsT7F1NDqVasZbTr2PRq3ZdQNmQ54nW4nsjm_XrDbQ5GjiQlGxsZ7VhEgnTdjVttqY1Ot_zYHxO5MH-rOQxvwaDZVW84tAeIuV-eTJ67D7N6KXVdyiZ_-LOR67rIcCfNc2DSDKDih2yuEoiaw9X_DA0pBOiqEjyIyv7abtVjRNy8a9Sa9ayYZrirvovLJ9YhtX0GhI8HVsL59mme7HS8mw9vz-V5e8IiSCZH47sBG4AQOn6lFLv4Ar7Rm6ZvCkb7r8gV73EhzoKHmb_S0NAg2lGOobDTKfWfgiY5_nN6AVmsB_OtFUIe24q3uIf72ohboInnadC0nYRIROsQrRwBDdTQkYCFFz3KHTLVfStmlChrPVovogNEzf9Jg4j6SkLqNldiyc2ranIH4ILTyN2KwUiBgSRPp7I4cdv_Th3K5YdcWNc3mTrFcmtmIW9bcfvY1Y_LiRRUhtYCTD73W2HA80cot82XBumcyd6gk48-FJL-7_79kd3fvdKQE2qkGHbwE3FGMv7tnFP0lrjzPO4wG23PetlVyXBEOowGrtGKe6uPboEBp4WV9p0By-akOxy0x1So5Z4Ne5rYyle2zhsXe9HjRgzSGuHJWfzftkJaIvxhWQNbPoOHeLB7gEGui7s2eK-9FrWWTVAUoX0hy-xdbsKfc_fAPolOaNVNYTb5K6qsMIEO6xZ-VNOXKtbB2QmzAOEgFUuZmAc7rJmQRxie0-d20ZVprICu0_mPt_lO8kiM3OlpOn2NaFJm1z_VWhZifDhE1Ets2w7bp_FANugWYdcFgCi0HoG_Zx7OvyLJIK-fSmnwQX6c2ff5wdGuH_j1pYXKWSpVowAy3xdvp0WZ1VCQB1F9rnBUg-z6vc3JLxBxUytLOyXKOBmsZ4-SFnOcpx9RcUO2fVFFRP3PkNtp4M65Yw5PVUUy2UfPD8LxnsO10KQNRjML74Rg0Jj33tIcBk5a7iqq-I-_fec72IVvFPXeDzOK62BIfp7AYinSvC9BwRGbZUumcw50tJIe3TsGqoHFhDk15Nmzzo_xQaeaBddhW96inWvdTmD3XuGBUCmEazoAI4b8DpwOTi2R0GJPF5ZkszYZbMGjZbU6dBnu-7GjygGxnMe_VJihzx-jlLl5J_BGQCNyZNELEza8DrfC37VFEIn5X23U0f5IBdAGaxP25xYR-zVdrQXg5cL8zDsS5_Sq-cMr1rpfeDxdhhDojq-46b9y0GdMvV1fMNosKWLLsznKDmaz6jUsMOblPHZJViY5u5tnGtTDLz2I4Kvb9ax05tP2fqOP5FeNlHzp1V-BiEzGrpY8IJOswvpIjf9_YwRJlIuRYhhPWIDs-xF6hv9GsN3iSlnP7BIS5mMaYr-onYGkJRs7dBsO0-WyRT_Ro0g4ZY47Oc86vAdJbG-jl7O4UodUuhvAEbD26oj3f-oAKqSz0J1yCi6gBt-4kCJFS6hFAYNvmm_FevsCQJ9sRBG50bybrzDOd7KJjPbdaf0WtGe1_lT8onsKnRCxSPxzZC6PgH3sb6d4lGt_q5hBOBoIKGwgBtGt0sn2drPt9wM1O5MV6eT3chx4EujyU2NAQK0L27hQONb8ZfpfT7yvcdp71PHbNKTYCo0E8iAK4-9LaQXAufAE9OEuqMvShoq6ZiaXdtIf22Ytc9QuFIsj3vBEv31MeWjC_IAXBC3VB2BckQZvFxjIFRPjhevpYRabfujCGWDkwN7dsm1ipDcb-6G61o1zy4r28EcijKBxEDRVNUJo0EzfWL_9G7IRjEMCN2YnR1kr2tmkcGZ1LwJS2BCrBMlFYcnGFvhHAKHBk5n7u-fqInrOcd15SjyAgXr6sMylphuTBLkdE62zVF4l5Ua3dPbSwMyqrISq7HOf7zCNMPaBC_U-oDdUfGgJhbUVTK6q2CmSzdJZmzi3YRRdVQfBUjLPlIeE_gV3AJnz65o8eXFKuVzUbkAm7hZd95HrCzfpy0Aw771ztH7KjqydrHk39kE3mr1y_CwTdqO3uiFPF3HiEjfXwl9EctlgqfkEaFDWvHogqdTqTgummMad0qIvFe-hCtutoSjHfJ88tAB6AnIjgIPgP8vWBiS8HgSWUsN4y_2H07QVQQ4J7_i87RzY2AvaKhBx-ScyDXaVWlhBt0NdZTtpRIXl2n8CBR6UVc_4hy-HH9GN7G-yX8pl9H_YmorOv2prgiVoadkATVcoQDh7_S3XmSaQ2MxQgGn1h6tyRNDICfIZCl2sxnAoj38RCPPfUw67qhsQO_BAtDb6Vl-vEoLRBTrpo2mU628O_b1qwKn6YrNbTEF6moJZx-d-4LjEJagD_99m1qx_8aFXL2fiy2LY0g_4dxxIRvUaLyKjnSbgQ9ZqhsMJXAnebGbYQAKmRqFipb_CS53vgCWuoS8pxGhjQSH3fHTGMCcrf8wwX6owKWSa7TonOvzQVIFRNU8QItrzCaiSaShkvAz7XRtppdQdLR58KIuBN7zFJ-Vnpb9sF3Oa6kgLi0QoSXEWucN1vkUL06kHMXohLT0FWwXoAZeEAje8IqqrjYZJtnven_RXeZHWoEwCSbrmlirU9jVFaNWqLDQox_bWb0nFXmVx1vKSZr1IBG8Sv4avE0SEZ1FgXX_hVfIFE3W7WW-xxURuc1sUGLA0KZ3qzBuDfChet2hWI7v9nSXOUy151ya4BWpaKPFuYVUTHzQK-NMQaXXfxdaoI8NkNoHYdFpKKIScQCXZc1zmvFRQsNU1pi6jXgBj9D03-sN8hYe5aeKA0mKz_Zb7WHfKNwuG9n4yg89q2rNPT-A-NRXsSQkS6Yz_LvCA0pXQoowaf2BQtvwK2yBazygir5zPEjJ0J4092ZB3IS8BvHSvo_6LEaRAmrJYFb9UtsTrR3jyGKUjG3BeaP3KVqnAR_RhJf9d06KLVZuDi4WPxRK6Y2dbCrL4GfTnlqkYU8Ij5h136XgZLeaYEeqaW7oPuBF-N7KnDZAbraLVdcesfnXfuLqdiYHaJKV9qg7eeo4yKZRX_sTAalHCyH6Bh0W0JJp1jXi2y9fdreZwEw5oIizzB03YsRfMVrRchfQqI2t0aO1QFUZK-b8rhRnWrF7VnylzpROvltIox0HzZE7KDLbPMOO-bGQ9j52nowrSzSwUJ6KVQq8F_XJWbvZrrT8g_B--11sJUkMvtguhE7HvOn4XGyVTFEzVGp2Hd4aShHNuP9yWUF4Ub0fL5peMo_4EOiHVJKVkIg&cid=CAASFeRoxoSFTvwo3Ow8sfV_X_4wDPhIvQ&rfl=1%2Chttps%253A%252F%252Fautoclicker.en.uptodown.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 21:06:53 GMT content-encoding gzip x-content-type-options nosniff age 863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9516 x-xss-protection 0 server cafe etag 14328493792227503680 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 15 Jan 2022 21:06:53 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B1BA	41 KB 15 KB	23ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC3VGsfj9N9gA-r5naxenJJYHniAnITjJlmVwEXV2HZ9Voctz1r0Ost_Z5gtQbusH37Ob2K8tzyHIF16KyVc1HsiIUudSqWT-n-CJXqgifRvcvVFMpTTZWGZFPWr5xLD8BYDfoG4Fk7zqqaHdS5-E1IgUVww&cry=1&dbm_d=AKAmf-BZEakKhhHSebtvg5_gmjEEr_A1BP7wr7lfMMVM8HskjUcwfCnSpCnnF_bPCJbvZsxVI8ZXtUJHDDspoZhoP1Sj8o-h79n6xTm80gJtTwD52SdtLqboHDWpbZDAedDQPygLkOYJW0J4Xe3Q5Y1dsc0q2KybHEXGbplXuP55qTcFoaNPiUgWqDVz1KSOhMNJY1mmyLjqF6ChjhDhXapkPdY2m7SwD0hWwCqmCkSg5HI_Yb2Is0VxX1yEazPkqM2elnlxj1lzRsT7F1NDqVasZbTr2PRq3ZdQNmQ54nW4nsjm_XrDbQ5GjiQlGxsZ7VhEgnTdjVttqY1Ot_zYHxO5MH-rOQxvwaDZVW84tAeIuV-eTJ67D7N6KXVdyiZ_-LOR67rIcCfNc2DSDKDih2yuEoiaw9X_DA0pBOiqEjyIyv7abtVjRNy8a9Sa9ayYZrirvovLJ9YhtX0GhI8HVsL59mme7HS8mw9vz-V5e8IiSCZH47sBG4AQOn6lFLv4Ar7Rm6ZvCkb7r8gV73EhzoKHmb_S0NAg2lGOobDTKfWfgiY5_nN6AVmsB_OtFUIe24q3uIf72ohboInnadC0nYRIROsQrRwBDdTQkYCFFz3KHTLVfStmlChrPVovogNEzf9Jg4j6SkLqNldiyc2ranIH4ILTyN2KwUiBgSRPp7I4cdv_Th3K5YdcWNc3mTrFcmtmIW9bcfvY1Y_LiRRUhtYCTD73W2HA80cot82XBumcyd6gk48-FJL-7_79kd3fvdKQE2qkGHbwE3FGMv7tnFP0lrjzPO4wG23PetlVyXBEOowGrtGKe6uPboEBp4WV9p0By-akOxy0x1So5Z4Ne5rYyle2zhsXe9HjRgzSGuHJWfzftkJaIvxhWQNbPoOHeLB7gEGui7s2eK-9FrWWTVAUoX0hy-xdbsKfc_fAPolOaNVNYTb5K6qsMIEO6xZ-VNOXKtbB2QmzAOEgFUuZmAc7rJmQRxie0-d20ZVprICu0_mPt_lO8kiM3OlpOn2NaFJm1z_VWhZifDhE1Ets2w7bp_FANugWYdcFgCi0HoG_Zx7OvyLJIK-fSmnwQX6c2ff5wdGuH_j1pYXKWSpVowAy3xdvp0WZ1VCQB1F9rnBUg-z6vc3JLxBxUytLOyXKOBmsZ4-SFnOcpx9RcUO2fVFFRP3PkNtp4M65Yw5PVUUy2UfPD8LxnsO10KQNRjML74Rg0Jj33tIcBk5a7iqq-I-_fec72IVvFPXeDzOK62BIfp7AYinSvC9BwRGbZUumcw50tJIe3TsGqoHFhDk15Nmzzo_xQaeaBddhW96inWvdTmD3XuGBUCmEazoAI4b8DpwOTi2R0GJPF5ZkszYZbMGjZbU6dBnu-7GjygGxnMe_VJihzx-jlLl5J_BGQCNyZNELEza8DrfC37VFEIn5X23U0f5IBdAGaxP25xYR-zVdrQXg5cL8zDsS5_Sq-cMr1rpfeDxdhhDojq-46b9y0GdMvV1fMNosKWLLsznKDmaz6jUsMOblPHZJViY5u5tnGtTDLz2I4Kvb9ax05tP2fqOP5FeNlHzp1V-BiEzGrpY8IJOswvpIjf9_YwRJlIuRYhhPWIDs-xF6hv9GsN3iSlnP7BIS5mMaYr-onYGkJRs7dBsO0-WyRT_Ro0g4ZY47Oc86vAdJbG-jl7O4UodUuhvAEbD26oj3f-oAKqSz0J1yCi6gBt-4kCJFS6hFAYNvmm_FevsCQJ9sRBG50bybrzDOd7KJjPbdaf0WtGe1_lT8onsKnRCxSPxzZC6PgH3sb6d4lGt_q5hBOBoIKGwgBtGt0sn2drPt9wM1O5MV6eT3chx4EujyU2NAQK0L27hQONb8ZfpfT7yvcdp71PHbNKTYCo0E8iAK4-9LaQXAufAE9OEuqMvShoq6ZiaXdtIf22Ytc9QuFIsj3vBEv31MeWjC_IAXBC3VB2BckQZvFxjIFRPjhevpYRabfujCGWDkwN7dsm1ipDcb-6G61o1zy4r28EcijKBxEDRVNUJo0EzfWL_9G7IRjEMCN2YnR1kr2tmkcGZ1LwJS2BCrBMlFYcnGFvhHAKHBk5n7u-fqInrOcd15SjyAgXr6sMylphuTBLkdE62zVF4l5Ua3dPbSwMyqrISq7HOf7zCNMPaBC_U-oDdUfGgJhbUVTK6q2CmSzdJZmzi3YRRdVQfBUjLPlIeE_gV3AJnz65o8eXFKuVzUbkAm7hZd95HrCzfpy0Aw771ztH7KjqydrHk39kE3mr1y_CwTdqO3uiFPF3HiEjfXwl9EctlgqfkEaFDWvHogqdTqTgummMad0qIvFe-hCtutoSjHfJ88tAB6AnIjgIPgP8vWBiS8HgSWUsN4y_2H07QVQQ4J7_i87RzY2AvaKhBx-ScyDXaVWlhBt0NdZTtpRIXl2n8CBR6UVc_4hy-HH9GN7G-yX8pl9H_YmorOv2prgiVoadkATVcoQDh7_S3XmSaQ2MxQgGn1h6tyRNDICfIZCl2sxnAoj38RCPPfUw67qhsQO_BAtDb6Vl-vEoLRBTrpo2mU628O_b1qwKn6YrNbTEF6moJZx-d-4LjEJagD_99m1qx_8aFXL2fiy2LY0g_4dxxIRvUaLyKjnSbgQ9ZqhsMJXAnebGbYQAKmRqFipb_CS53vgCWuoS8pxGhjQSH3fHTGMCcrf8wwX6owKWSa7TonOvzQVIFRNU8QItrzCaiSaShkvAz7XRtppdQdLR58KIuBN7zFJ-Vnpb9sF3Oa6kgLi0QoSXEWucN1vkUL06kHMXohLT0FWwXoAZeEAje8IqqrjYZJtnven_RXeZHWoEwCSbrmlirU9jVFaNWqLDQox_bWb0nFXmVx1vKSZr1IBG8Sv4avE0SEZ1FgXX_hVfIFE3W7WW-xxURuc1sUGLA0KZ3qzBuDfChet2hWI7v9nSXOUy151ya4BWpaKPFuYVUTHzQK-NMQaXXfxdaoI8NkNoHYdFpKKIScQCXZc1zmvFRQsNU1pi6jXgBj9D03-sN8hYe5aeKA0mKz_Zb7WHfKNwuG9n4yg89q2rNPT-A-NRXsSQkS6Yz_LvCA0pXQoowaf2BQtvwK2yBazygir5zPEjJ0J4092ZB3IS8BvHSvo_6LEaRAmrJYFb9UtsTrR3jyGKUjG3BeaP3KVqnAR_RhJf9d06KLVZuDi4WPxRK6Y2dbCrL4GfTnlqkYU8Ij5h136XgZLeaYEeqaW7oPuBF-N7KnDZAbraLVdcesfnXfuLqdiYHaJKV9qg7eeo4yKZRX_sTAalHCyH6Bh0W0JJp1jXi2y9fdreZwEw5oIizzB03YsRfMVrRchfQqI2t0aO1QFUZK-b8rhRnWrF7VnylzpROvltIox0HzZE7KDLbPMOO-bGQ9j52nowrSzSwUJ6KVQq8F_XJWbvZrrT8g_B--11sJUkMvtguhE7HvOn4XGyVTFEzVGp2Hd4aShHNuP9yWUF4Ub0fL5peMo_4EOiHVJKVkIg&cid=CAASFeRoxoSFTvwo3Ow8sfV_X_4wDPhIvQ&rfl=1%2Chttps%253A%252F%252Fautoclicker.en.uptodown.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 28 Dec 2021 14:56:46 GMT content-encoding gzip x-content-type-options nosniff age 368670 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 Dec 2022 14:56:46 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame F2BA	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Tue, 28 Dec 2021 14:56:46 GMT expires Wed, 28 Dec 2022 14:56:46 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 368670 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	dvbs_src_internal101.js Show response cdn.doubleverify.com/ Frame B1BA	55 KB 18 KB	17ms 17ms	Script application/javascript	2a02:26f0:b600:1af::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal101.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172055&sid=18330&dvregion=0&unit=300x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0g96soSTHHl8fVfJ5lLx1aQ&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118298&DVP_DBM_4=342891384&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30723516090&turl=https://autoclicker.en.uptodown.com/windows&DVP_PP_BUNDLE_ID= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 21:21:16 GMT Content-Encoding gzip Last-Modified Wed, 08 Dec 2021 09:35:46 GMT Server Microsoft-IIS/10.0 ETag "08517fa16ecd71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 18088
GET H3	200	U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response pagead2.googlesyndication.com/bg/ Frame F2BA	35 KB 13 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 18:33:15 GMT content-encoding br x-content-type-options nosniff age 96481 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13577 x-xss-protection 0 last-modified Mon, 06 Dec 2021 19:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 31 Dec 2022 18:33:15 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame B1BA	2 KB 1 KB	229ms 11ms	Script text/javascript	213.254.244.11 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_833608571272&jsTagObjCallback=__tagObject_callback_833608571272&num=6&ctx=1828362&cmp=115750&plc=4172055&sid=18330&advid=&adsrv=&unit=300x600&isdvvid=&uid=833608571272&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=96&bridua=3&dup=null&turl=https://autoclicker.en.uptodown.com/windows&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0g96soSTHHl8fVfJ5lLx1aQ&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118298&DVP_DBM_4=342891384&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30723516090&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=4&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau2FE%404%3D%3A4%3C6C%5D6%3F%5DFAE%405%40H%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2FE%404%3D%3A4%3C6C%5D6%3F%5DFAE%405%40H%3F%5D4%40%3ETar9EEADTbpTauTaudb5c_2_b53h2a7fahhf5h%60dcf7g6ggb_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2FE%404%3D%3A4%3C6C%5D6%3F%5DFAE%405%40H%3F%5D4%40%3ETauH%3A%3F5%40HD&dvp_exetime=4.10&callbackName=__verify_callback_833608571272 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal101.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 4b0f710393cf47fb1ebb7a8ed0c127e070aa3410ec56fab859ab4833504ed5ff Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache X-DV-Response 1 Content-Encoding gzip Date Sat, 01 Jan 2022 21:21:16 GMT Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0 Transfer-Encoding chunked Expires 12/31/2021 9:21:17 PM
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F2BA	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRcmyzMXQYY3WNZ_k7_UPrsqz6AEAAAAAOAHgBAI&bg=!6-il6KzNAAZKWFskSlg7ACkAdvg8Wl_-66SVkGflzlhJGLdNB5rRx-jh0E1kT-Gk9KQlyfBNLFuCKAIAAABGUgAAAANoAQeZAx8Ihv1JwZPkMXYAtdl6ladJYAskYrmPwPExEPtbV_FSq-aOP4I8BarTzP4DYpe0GnFRbwq6krDGhNTl6zJQx0wiywqlhe9TS7pUUBPs3XLsIJ68geU_J-miOKQJP3FsxHU5dL_TXik-5cogq189aztPq26TphOwuR7DIatfjy2smZ3Na_GXtT0MgHFxdnEWGCHCt5cctZtbWeLHrYDUtfnaSVA8PeWdlrGiN2may7l9TTlqhDmYsQ2DhGWBcykZZy3MtDKUpRvmeImUWe7sCIKXIbagoKTAaz4eMo2QgWG21JAErQxbtVqsspa7enlL-lQ1vXFkncrBD_k2y44dDrBzXNy8wenHUp-8R4Kbpddz81rl8iAwSKh6ZoJ8QsaAJ4EpUghIpPrA9TRHKpKemyuRWbqadQ1xNS45ja3JUQni8VUPSkvVDauJRkLOgZgBe-MjSnsIMJE2lcGCinQpZlsMJLuYAzwwLm9RZNP680tZcTzeTm5RlJKw8PeWLdYzazryJvD_E6nW6CDsHA_5EsscGm_wwJn353iYiueujll4etuqQMj3FxFA9fv6-YQuOkc7HDLwd6Oq_YdLfkoOxKQR0h2hge9zL20C7DUFZI-2DrWiYldW7Y8XyoSIYlZU-ouh-t8dQ6XPU0SUWerbjHZBuwwTWGzVf9F9-td-gKk-FJA59IqxPpIEznWk2vhtd60jzlmjzAJyIGEGGp-2o3rO-mlIwwJh2THcDAkZVgzwoRt_zO-hsO9cG9hgJXgt728gHMc1UnSGAmfrV1kPXAVMDsB96MvDltCPss23iMy2RMPk7EIBjRc-cWLYathAujHTiKDM0WzmUm5AHe4KEuOgn2UMeYjfaPwp4Hq3g-0yNo3N7qXDrx98THAgNf8rhIUWf2ZqirMxOQX7DatypJlBpdTfUQSr4EICYsGMIDhIizw6H7VHN7TkdCS9XYmTDTpcSkQ3fVAZznKO_mB8gE4HM-9uqKr_-bFJjaw3QyFs9hNxAbAd7TZJvCrBbvJDWgIK-2KXRWEugpfAQhZA_b8GF8mwunu0FE39zM6qyL2b Requested by Host: 53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com URL: https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012111011823000/ Frame 1C60	189 KB 55 KB	61ms 8ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 368685 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55592 x-xss-protection 0 server sffe date Tue, 28 Dec 2021 14:56:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "11dee2040f5fc1d7" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Dec 2022 14:56:32 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1C60	13 KB 5 KB	71ms 17ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 368685 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 server sffe date Tue, 28 Dec 2021 14:56:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "858600ba27ef7413" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Dec 2022 14:56:32 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1C60	89 KB 28 KB	72ms 18ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 368685 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28555 x-xss-protection 0 server sffe date Tue, 28 Dec 2021 14:56:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a64e482645fd262b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Dec 2022 14:56:32 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1C60	5 KB 2 KB	70ms 17ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 368685 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1731 x-xss-protection 0 server sffe date Tue, 28 Dec 2021 14:56:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cb4f0e89d7d37d9b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Dec 2022 14:56:32 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 1C60	40 KB 13 KB	73ms 21ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 368685 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12826 x-xss-protection 0 server sffe date Tue, 28 Dec 2021 14:56:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "f02165e023e70703" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Dec 2022 14:56:32 GMT
GET DATA	200 OK	truncated / Frame 1C60	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 552c4b0a92fa7d1911a636753c4b81c44032b83b3a01245e629b44d1232feed4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H3	200	4507335621995726532 tpc.googlesyndication.com/simgad/ Frame 1C60	66 KB 66 KB	9ms 8ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4507335621995726532?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkIP_L6WUN6eGD4q9MFVyRtyF0RJQ Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d25fe3e3f52c3c5c1152fbb586f5dd40dbd25044938de8b0d96e8a93132736a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 28 Dec 2021 14:07:45 GMT x-content-type-options nosniff age 371612 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 67279 x-xss-protection 0 last-modified Wed, 29 Sep 2021 09:39:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 28 Dec 2022 14:07:45 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1C60	2 KB 2 KB	8ms 7ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 20:15:16 GMT x-content-type-options nosniff server cafe age 3961 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Sun, 02 Jan 2022 20:15:16 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1C60	295 B 319 B	7ms 6ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Sat, 01 Jan 2022 05:43:34 GMT x-content-type-options nosniff server cafe age 56263 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sun, 02 Jan 2022 05:43:34 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 1C60	0 0	14ms 14ms	Image text/html	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQKop_7VX3d3kpReHBQfiuMXaxDvN04KiV7Jy8R5IwbI0s8AmhxRSdIQXuRKbW7eE3dL1M8fAhIeCbzSXHndX33ZhuOA Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 1C60	0 0	49ms 49ms	Image text/html	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CNNY7zMXQYb-nHcns3wPA9LzwAcO36JRn8e_Q7PQO2dkeEAEg48isImCVgoCAlAegAazyuL8ByAECqQKz1_KJc-AMPuACAKgDAcgDCKoElwJP0I08gLovBHc_ex9M6NziJzQlxyis10XiZ8DTgI_SjnS7mJn2vy1-CoKL-RrHWnhYS7jKHen0fFQ7PWL-E3jsPOS7ZgokwQNGtE93KviZL_dvrJ_I-8YZ1vBCn06KSuw3rIxz1IV89QPWLxRCkLY4rK0qAu0vx21nDeG9KTefC0t1qSc0Ey_0kqA6cNfe25WtjJ5FDIZ8qIqS6q2VUgmQ0gX6Dq5bfloRxEU9j02IheuW1Ef2FhKZCJWmLB-tkZrPi7SQcoyIsN1dMwa5qR0thDvL3T3yMCo24fEzVaxpuWywKs6NPbGnwcbK1lyhncOj-0aOP8L9ZuPrZCctk00PnzWei_XlrnfFo36OSyOJxaU_mDK-OH7ABO-cwaziA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe8jcfAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIyVL9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzE1OTc4ODA4MjYyODg1MYAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi01OTE4NTUyMjcwNzQ3MzEzGP6GCQ&sigh=zjooVDnWwhE&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H2	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame B1BA	9 KB 5 KB	120ms 120ms	Script text/javascript	2a00:1450:4019:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4019:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 01 Jan 2022 20:39:48 GMT content-encoding gzip x-content-type-options nosniff age 2489 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4486 x-xss-protection 0 last-modified Mon, 29 Nov 2021 19:29:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Sat, 01 Jan 2022 21:39:48 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 1C60 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	113ms 98ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol H3 Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Redirect headers date Sat, 01 Jan 2022 21:21:17 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	impl_v81.js Show response www.googletagservices.com/dcm/ Frame B1BA	41 KB 17 KB	7ms 6ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v81.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 15:41:00 GMT content-encoding gzip x-content-type-options nosniff age 106817 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17189 x-xss-protection 0 last-modified Mon, 29 Nov 2021 19:28:15 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 31 Dec 2022 15:41:00 GMT
GET H/1.1	200 OK	dv-measurements1953.js Show response cdn.doubleverify.com/ Frame 6A60	499 KB 92 KB	17ms 17ms	Script application/javascript	2a02:26f0:b600:1af::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements1953.js Requested by Host: autoclicker.en.uptodown.com URL: https://autoclicker.en.uptodown.com/windows Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 04de522bd92b4351527d64657e77abd3d7a70bedee55dc18f62efee5f6958577 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 01 Jan 2022 21:21:17 GMT Content-Encoding gzip Last-Modified Mon, 27 Dec 2021 10:11:55 GMT Server Microsoft-IIS/10.0 ETag "80e7c32cafbd71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080900 Connection keep-alive Accept-Ranges bytes Content-Length 93548
GET H/1.1	200 OK	visit.js Show response tps.doubleverify.com/ Frame 6A60	1 KB 1 KB	333ms 13ms	Script text/javascript	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=52&ttfrms=22&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2FE%404%3D%3A4%3C6C%5D6%3F%5DFAE%405%40H%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2FE%404%3D%3A4%3C6C%5D6%3F%5DFAE%405%40H%3F%5D4%40%3ETar9EEADTbpTauTaudb5c_2_b53h2a7fahhf5h%60dcf7g6ggb_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2FE%404%3D%3A4%3C6C%5D6%3F%5DFAE%405%40H%3F%5D4%40%3ETauH%3A%3F5%40HD&srcurlD=0&aUrlD=-1&ssl=https:&uid=1641072077432249&jsCallback=dvCallback_1641072077432624&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1953&tgjsver=1953&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=5&brh=2&sdf=2&dvp_epl=366&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://autoclicker.en.uptodown.com/windows&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0g96soSTHHl8fVfJ5lLx1aQ&DVP_DBM_1=3060631&DVP_DBM_2=11763541&DVP_DBM_3=32118298&DVP_DBM_4=342891384&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30723516090&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=838084635360.3079&dvp_tukv=39817478.256283864&dvp_uuid=16252119.254285723&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=1160419242951 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1953.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash 544272b50a6470c39155266e0b4f2528083b63ebcd2541e20c754dbade7a1bab Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:17 GMT Content-Encoding br Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Transfer-Encoding chunked Connection keep-alive Expires 12/31/2021 21:21:17
GET DATA	200 OK	truncated / Frame B1BA	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3604e30479815cad3cea0d8c7700818e59de1d8c8961961de12e3f5bed021c38 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 99DD	13 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 date Sat, 01 Jan 2022 19:18:14 GMT expires Sun, 01 Jan 2023 19:18:14 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7383 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame F32B	783 B 534 B	16ms 16ms	Document text/html	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 139b112ddd328c089c8621eaa0088ca30137572b20484122c3e82b1db18cb9fc Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UCyyhog1LjKGQHhAbRdOAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 01 Jan 2022 21:21:17 GMT date Sat, 01 Jan 2022 21:21:17 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-UCyyhog1LjKGQHhAbRdOAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response pagead2.googlesyndication.com/bg/ Frame 99DD	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 18:33:15 GMT content-encoding br x-content-type-options nosniff age 96482 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13577 x-xss-protection 0 last-modified Mon, 06 Dec 2021 19:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 31 Dec 2022 18:33:15 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F32B	0 0	47ms 46ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2608469760198637&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2608469760198637&bg=!trWltfHNAAZKWFskSlg7ACkAdvg8WrIjZpxG6rxtP5SOMveGgSC7KmGy9c9D3lF-7u1dEl9VqDgl7QIAAABBUgAAAAloAQeZArwsDBnGMuqeKHgHjaOvi0jTKdvQdwDFTKa3IwesoDhzUkBTuO3ge4Kxudxocs6GThME-gDKQ9UqvZFoRzvW78b92XjNnqx7NIhxSFeOV-Jpmt9E9yc9ALGjceSVIehDPqunOpu_c7SqW262M9yKO1XM0uoGOyJv6ERFceiqn5BdUDB-gVlXIl7WmIsVQ-AGu29To3FNE87HekA5u-Hm9RSWBRWp0T1KqfJ-u1Qun0fUegWoqItDNmTeaIkPt0X3oV9tkQylSeymOJDBUvrzK6bXKDGgSM0ivgAi3z1o5aEeXWaVPViLKYTHVJugix1tNpiv17J2VUQWzBWpNEr8Yi_Ei200GJF-qJFLxCC8HpS5YhdvFzjqaZkbKnwRziOQNEICqJrosbYFAY0Mj9dfesU00GDBGpeC8XRfSX2NVs5UciqgFLUoZVDHf0ULu1lVtyq7CBnhVp4izVD3KR_N2EhDLXzTNsxjz_Rlh7ZF7RGXxmMHlkeRkfftnBaO8qKaa2dijBz7owFmTh0DB4muQr1Y40iC9nSrNMpqbK43S8nBHTHrK5zLFILEBOUxrcfzbYfv-7UeWxPcLSNA_yc-i3ILTmhiI9-7rPXgcBKQSp8HKIkbQuRbkG0rd0Mw4ML0GYVryH2M33VbIkqIRCqO2b8xZiJL1gS7vL1LDkMNOZC_s0o2lHP2oK8TZ_Dy0b_a6zfGWK3s2ni_nKIouZUvbE2RV4GLUBsaswFKaSS9tu9oqdQzF0bDBTwZBoPpYxpeDwAGn7wHCT1C_oP0bW5_wfd-bwDOIWbjPNpNPePCwrtXP7N0gTljeC9lxackr6vgg_4abIRQHjFjGxKfrdbYyZniElBcFaRzTz1ogPqvXEEwv36gOJAa2A1laYyGcRK5jNhhdjCxOYTQx7rV6VXMYLYl8MA4L1K3AQ5rFwdc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	icon-download.svg stc.utdstc.com/img/	541 B 703 B	17ms 17ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-download.svg Requested by Host: stc.utdstc.com URL: https://stc.utdstc.com/1640947956890/vendor-en.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash c01524a3a9835d934fc9546e82fb2f72eb70ca3528328b537280f8d4d287a12d Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fae5-21d" x-cache-status MISS content-length 326 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:33 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	icon-license.svg stc.utdstc.com/img/	1 KB 912 B	18ms 18ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-license.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 0531e59699ca5fdb3bdcf033086116608abfb0d0379a50805542b17de92fced1 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fb76-59d" x-cache-status MISS content-length 535 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:37:58 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:27 GMT
GET H2	200	icon-system.svg stc.utdstc.com/img/	530 B 653 B	19ms 18ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-system.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 5e956f503117aff4c7d5d4aaba718d007d27d57844ea46dd537039b11bc55fd7 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fc0a-212" x-cache-status MISS content-length 276 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:40:26 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:27 GMT
GET H2	200	icon-category.svg stc.utdstc.com/img/	293 B 598 B	20ms 19ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-category.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash a8b2f7a942aea95229916c0e6b883d798eb0ab4bbfeec534c860a33a51df6769 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fb84-125" x-cache-status MISS content-length 222 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:38:12 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	icon-language.svg stc.utdstc.com/img/	1 KB 847 B	20ms 19ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-language.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 1b7ca4cd18952229fe2b83c99e051a8fb1bcda97b8daffb96c9b8ba7252ff9e9 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fba0-427" x-cache-status MISS content-length 470 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:38:40 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	menu-login.svg stc.utdstc.com/img/	565 B 665 B	20ms 20ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/menu-login.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 6ad8b546667c7ecca4a2f3ef6df58967a307b0297c704adaa20143a10ba66f5a Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183f759-235" x-cache-status MISS content-length 288 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 15:08:09 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 22 May 2022 09:36:49 GMT
GET H2	200	icon-date.svg stc.utdstc.com/img/	2 KB 813 B	16ms 15ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-date.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 563178d5672d7d9a39176dd6a0767d627d2bbeaa98a1e88237de8ab1c62c49cf Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fbcc-65c" x-cache-status MISS content-length 436 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:39:24 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:41 GMT
GET H2	200	icon-why.svg stc.utdstc.com/img/	2 KB 1016 B	15ms 15ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-why.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 03f176c989036ab752ddfb3a815c2a002e9c2f20a084c2c9d7a860cc666a2ef4 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fcce-7b3" x-cache-status MISS content-length 639 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:43:42 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 17:21:15 GMT
GET H2	200	menu-close.svg stc.utdstc.com/img/	273 B 577 B	15ms 13ms	Image image/svg+xml	104.90.137.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/menu-close.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-137-209.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash d2c93a24a13c1c829e2d49cccc6d5fbee92ef5b9cad4be4d8a5cb974d4b3b4bf Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e4c3-111" x-cache-status MISS content-length 201 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:48:51 GMT server nginx/1.14.2 x-frame-options SAMEORIGIN date Sat, 01 Jan 2022 21:21:18 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Fri, 13 May 2022 09:05:25 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 1C60	42 B 64 B	43ms 42ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4fQQZdsfJSJVHaCZCES2zgo2CM27TyvgimzQsi8OHYscNSAw3pM8K1O9bVa3sS94huswm1--rfEhYSSFTrswTs0Zh-lzul012R8p5ngFv727ppAFtdA&sai=AMfl-YQ3k66pEogt43_qBPOttKp48LyHBNBgOFtLdUSKgh2LJ5ONb1lezrDJL-1qDEAAklnF1VhGTyuKSnGt_TcxkjkDzMYNKw9uEPHVd9kWDfkG7p8FNH4rOI1UQelIRwU&sig=Cg0ArKJSzHYax5UOciCAEAE&id=ampim&o=-8,300&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=44&tls=1045&g=97.33333587646484&h=97.33333587646484&tt=1045&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2300448503 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://autoclicker.en.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B1BA	42 B 64 B	57ms 42ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJEJiAqdXbDEN7Gq_0rEkRWncIRHHshix3h62jFHlFWs_uo6RRNV4XBZNIUSnbpqEYiXzd8lQHdaAsR4hdeI9QJdzQcVxtD-UjnboVPIADlbJkSy8V8g&sai=AMfl-YRAQgTCppjhc-lsL-omZfaPDGlSta4e7-SztukBe2b90DIirW6NFOjzORfPy6zNeW1BfAbqafiOwvyCuFLzq533v5gAyv_I6gERTEp7kt0Xx0MvpO-2_LYdiBIngy4&sig=Cg0ArKJSzFJmIMNkZU0kEAE&cid=CAASFeRoxoSFTvwo3Ow8sfV_X_4wDPhIvQ&id=lidar2&mcvt=1000&p=300,1308,904,1608&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&app=0&itpl=20&adk=421840022&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641072076811&rpt=1048&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sat, 01 Jan 2022 21:21:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	bsevent.gif tps20522.doubleverify.com/ Frame B1BA	807 B 1 KB	287ms 7ms	Ping image/gif	213.254.244.11 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20522.doubleverify.com/bsevent.gif?impid=62f515f6701d4244973feca5934b0f7c&nav_pltfrm=Linux%20x86_64&cbust=1641072079209679 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal101.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.11 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Sat, 01 Jan 2022 21:21:18 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 12/31/2021 9:21:19 PM
POST H/1.1	204 No Content	event.png tpsc-eu3.doubleverify.com/ Frame 6A60	0 305 B	43ms 8ms	Ping text/plain	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpsc-eu3.doubleverify.com/event.png?impid=0a246fce06f74d27966a9a3edbce5321&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=334&eoid=8&msrjs=1953&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=6&msltms=32&vltms=334&sei=289&vetms=5&engms=1&engisel=1&ttfurm=2360&cbust=1641072079772908 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1953.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com Pragma no-cache Date Sat, 01 Jan 2022 21:21:19 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 12/31/2021 21:21:19
POST H/1.1	204 No Content	event.png tpsc-eu3.doubleverify.com/ Frame 6A60	0 305 B	8ms 8ms	Ping text/plain	34.149.12.213 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpsc-eu3.doubleverify.com/event.png?impid=0a246fce06f74d27966a9a3edbce5321&gdpr=&gdpr_consent=&msrcanlm=264&msrcannum=2&eoid=11&ismms=30&isumms=29&isvelg=1&nvr=6&isgmmims=29&isgmv4mims=29&elmtp=4&isbxdms=2429&b0=100&b10=2426&adhgt=604&adwdth=300&norwdth=300&norhgt=600&engisel=1&vsos=9&dvp_vsosnmr=16&lftb=2526&sftb=2526&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1029&isuiabvms=1029&engalms=28&dvp_dpr=1&dvp_valpct=2&dvp_itg=HEAD:1,META:1,TITLE:1,SCRIPT:23,BODY:1,DIV:18,IMG:2,IFRAME:4,STYLE:2,svg:3,circle:2,path:2,A:1,INS:1,&cbust=1641072080771403 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1953.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 213.12.149.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://53d40a03db9a2f72997d91547f8e8830.safeframe.googlesyndication.com Pragma no-cache Date Sat, 01 Jan 2022 21:21:20 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 12/31/2021 21:21:20