urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
143.204.215.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://file.io/LD4HUmcyRMQo
Effective URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Submission: On October 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 12 countries across 32 domains to perform 98 HTTP transactions. The main IP is 143.204.215.16, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon on February 24th 2022. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 3.213.81.213 14618 (AMAZON-AES)
34 143.204.215.16 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 64.20.35.44 19318 (IS-AS-1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
4 4 37.252.172.249 29990 (ASN-APPNEX)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 72.251.249.14 32475 (SINGLEHOP...)
1 141.95.33.111 16276 (OVH)
1 3.65.142.183 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
1 1 23.35.228.23 16625 (AKAMAI-AS)
1 1 34.238.96.202 14618 (AMAZON-AES)
1 3 104.18.19.126 13335 (CLOUDFLAR...)
2 88.221.168.201 16625 (AKAMAI-AS)
1 1 96.16.141.156 16625 (AKAMAI-AS)
2 23.203.77.3 16625 (AKAMAI-AS)
1 51.75.86.98 16276 (OVH)
1 213.19.147.44 3356 (LEVEL3)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 15.197.193.217 16509 (AMAZON-02)
1 2 52.46.130.91 ()
1 4 185.80.39.216 27381 (CASALE-MEDIA)
5 5 172.217.18.2 15169 (GOOGLE)
2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 135.125.160.160 16276 (OVH)
1 69.173.144.138 26667 (RUBICONPR...)
3 4 37.157.3.28 198622 (ADFORM)
2 2 213.155.156.183 1299 (TWELVE99 ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
2 2 185.29.134.244 30419 (MEDIAMATH...)
2 185.64.190.80 62713 (AS-PUBMATIC)
1 2a02:2638::22 44788 (ASN-CRITE...)
1 2 54.239.38.253 16509 (AMAZON-02)
1 185.64.190.81 ()
1 1 15.235.15.221 16276 (OVH)
1 34.91.62.186 396982 (GOOGLE-CL...)
1 69.173.151.100 ()
98 36
2    3.213.81.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-81-213.compute-1.amazonaws.com
file.io
34    143.204.215.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-16.fra53.r.cloudfront.net
www.file.io
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
securepubads.g.doubleclick.net
9    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
1    64.20.35.44 (United States)

ASN19318 (IS-AS-1, US)
PTR: bid.glass
bid.glass
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:224a:de00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    3.65.142.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-142-183.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    34.238.96.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-96-202.compute-1.amazonaws.com
ssp.disqus.com
3    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
usermatch.targeting.unrulymedia.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.46.130.91 (None, )

ASN- ()
s.amazon-adsystem.com
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
cm.g.doubleclick.net
2    2a05:d018:d29:3602:e223:977f:5d30:1217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2a02:2638::22 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
36 file.io
file.io — Cisco Umbrella Rank: 545428
www.file.io
789 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
image2.pubmatic.com — Cisco Umbrella Rank: 894
simage2.pubmatic.com — Cisco Umbrella Rank: 706
image4.pubmatic.com
26 KB
9 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11074
sync.quantumdex.io — Cisco Umbrella Rank: 4696
2 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
131 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
43 KB
7 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
5 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
eus.rubiconproject.com — Cisco Umbrella Rank: 596
token.rubiconproject.com — Cisco Umbrella Rank: 682
pixel-us-east.rubiconproject.com
11 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
4 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
793 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4553
562 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1355
843 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2142
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
612 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3372
419 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 679
363 B
1 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2970
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1707
296 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1195
450 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 554
35 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
1 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
277 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
241 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
792 B
1 bid.glass
bid.glass
317 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
27 KB
98 32
Domain Requested by
34 www.file.io www.file.io
8 sync.quantumdex.io www.file.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
5 cm.g.doubleclick.net 5 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ib.adnxs.com 4 redirects
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 ups.analytics.yahoo.com 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 simage2.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com sync.quantumdex.io
eus.rubiconproject.com
2 ads.pubmatic.com sync.quantumdex.io
ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 www.google-analytics.com www.file.io
www.google-analytics.com
2 file.io 1 redirects www.file.io
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 usermatch.targeting.unrulymedia.com sync.quantumdex.io
1 onetag-sys.com sync.quantumdex.io
1 secure-assets.rubiconproject.com 1 redirects
1 ssp.disqus.com 1 redirects
1 hbx.media.net 1 redirects
1 match.sharethrough.com sync.quantumdex.io
1 id5-sync.com sync.quantumdex.io
1 ap.lijit.com sync.quantumdex.io
1 s.ad.smaato.net sync.quantumdex.io
1 www.google.com tpc.googlesyndication.com
1 3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 bid.glass www.file.io
1 useast.quantumdex.io www.file.io
1 www.googletagservices.com www.file.io
1 stats.g.doubleclick.net www.google-analytics.com
98 50

This site contains links to these domains. Also see Links.

Domain
file.io
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com
Subject Issuer Validity Valid
*.file.io
Amazon		 2022-02-24 -
2023-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
www.onezo.bid.glass
R3		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 17 frames:

Primary Page: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Frame ID: 3F638B4F87B2B90405E9AEDD6BB325E7
Requests: 49 HTTP requests in this frame

Frame: https://3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25025438623E304C5B9BC3109DE37C75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A8D7148E33F8DD462DB461DBC39061E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F15F9F864F90FCB6F2976074A05F1EEE
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: B982B7C660F771183FDD90F0A353CDB2
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5A5813A36D34493805A27A1825140F51
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 4751C4ADEB9CFB69E5830FFA45B5AF9A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: E4396BF4CBA09D8B8FD2DCF4B24A8BA9
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3866967C1DC6DD7AA110892E72FC1768
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 4864A4F82EBE4CCCA51ADB55439DF6E8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46
Frame ID: C07D91F7A49390C814B2C2FBDF148351
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6872095075714925312
Frame ID: A0A43D576E7430942E5BF677FE996422
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&gdpr=0&gdpr_consent=
Frame ID: 410AD0C8516A1BFED87D8E7A55AD860E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 038F0991408C6552B568309D184BFF08
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9106725087360768925&gdpr=0&gdpr_consent=
Frame ID: B6634C811DA6939B6E4F57EAE350253E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 99D7CDEBBFBDEEFBE6ABB9F0A772CEA8
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=37FFAB02-EABB-42CC-AD91-550DA4714A46
Frame ID: 7AC598A72FB72FF98523A4E29E00EBC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download | file.io

Page URL History Show full URLs

  1. https://file.io/LD4HUmcyRMQo HTTP 302
    https://www.file.io/NfnG/download/LD4HUmcyRMQo Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

98
Requests

83 %
HTTPS

28 %
IPv6

32
Domains

50
Subdomains

36
IPs

12
Countries

1060 kB
Transfer

2648 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file.io/LD4HUmcyRMQo HTTP 302
    https://www.file.io/NfnG/download/LD4HUmcyRMQo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9106725087360768925
Request Chain 57
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=3589106e-863a-522c-bfac-2c47dcf5eaf2
Request Chain 61
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9yeXaClE2uHOwlZeHYlm1CBXCLkBcJSffBz2Gxg-~A
Request Chain 62
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 63
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0f0144ca-4260-37a5-9251-50043db9457b
Request Chain 64
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 66
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 72
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&dcc=t
Request Chain 73
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1nGtTdhG2DXqr.jnIxu6AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM8kf6F2OG53Hv3ibR7lyiE&google_cver=1&google_hm=2
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlsq55hm1WotY-Vu99slI8&google_cver=1
Request Chain 76
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9106725087360768925
Request Chain 77
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
Request Chain 78
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 81
  • https://c1.adform.net/serving/cookie/match?party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46
Request Chain 82
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6872095075714925312
Request Chain 83
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&gdpr=0&gdpr_consent=
Request Chain 85
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9106725087360768925&gdpr=0&gdpr_consent=
Request Chain 86
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N_-rAuq7QsytkVUNpHFKRg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 89
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29c36359-c6b5-4700-bcd4-0eee200309cc
Request Chain 90
  • https://pixel.onaudience.com/?partner=214&mapped=37FFAB02-EABB-42CC-AD91-550DA4714A46 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzdGRkFCMDItRUFCQi00MkNDLUFEOTEtNTUwREE0NzE0QTQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELeZwAGtc37bUCHLtcJccWI&google_cver=1
Request Chain 94
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8509228754897665545

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request LD4HUmcyRMQo
www.file.io/NfnG/download/
Redirect Chain
  • https://file.io/LD4HUmcyRMQo
  • https://www.file.io/NfnG/download/LD4HUmcyRMQo
312 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59bf619f845b59cb0bc97aa5f41941975609d290501243e71716c429c817f560

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 23:45:53 GMT
etag
W/"59b8cce2f892105f8e39b4e78de42577"
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-id
_OKIybRq0vlqKKp7GFnS4ew12X1HuwJ0dV_nLTrQRDkqd9SpZplxbA==
x-amz-cf-pop
FRA53-C1
x-amz-id-2
4kZN83zXDAq3vVcLjfk06n7x2MQ+1xt0v7YArl4eDlydNE+wchFGlPVIIVgHkp7luHJcHCsSAq8=
x-amz-request-id
6FX25FGJ4EH10T34
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length
136
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 23:45:51 GMT
location
https://www.file.io/NfnG/download/LD4HUmcyRMQo
retry-after
1
vary
Accept
x-ratelimit-limit
1
x-ratelimit-remaining
7
x-ratelimit-reset
2022-10-26T23:45:52.508Z
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 23:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2634
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 27 Oct 2022 01:01:58 GMT
app-438588750f6b6905c6ff.js
www.file.io/ 		638 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-438588750f6b6905c6ff.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bfbb8f42b3e79f5e8093d4459dbc75d1c9cb481c5c13c31b34ffc1890f0b787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:39 GMT
server
AmazonS3
x-amz-request-id
SRS7GCGA4YHDF860
x-amz-cf-pop
FRA53-C1
etag
W/"bf53dfdd7a2d5df4ce50d7ce51826663"
age
225465
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
qtxVHlLlimmwazocO1hrBfEHuzfztzaAZotlyoFh4prC8QSQAhASxg==
x-amz-id-2
MRv5yEpnbL/ghwGbI9U3f9HIIoPF4wmqt5w61T64V58ftr3ybyrSyoT4QzKMuIgtmVok57bgzBY=
0eceb729-761e2b4090024f08e2ca.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:34 GMT
server
AmazonS3
x-amz-request-id
SRS63QM99MTAAKZA
x-amz-cf-pop
FRA53-C1
etag
W/"d8fa3e295945b4065c7adabadd2be99b"
age
225465
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Emja3PDfkzxcuATjQbkZVEV3BoGE2WTgyzrh_1aOfn8iI2-q3I-yJQ==
x-amz-id-2
JxxWHVWeObB7WjGHfuIsjkF2XMjXJt4HdGiZ9sPl8U8Qp+mDT1zX5IIgZVajyZ2rSyGPv1tJpY8=
d6a9949e-4e9c210da2d83a376ddb.js
www.file.io/ 		51 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
x-amz-request-id
SRSE0J7DGTDV1TD9
x-amz-cf-pop
FRA53-C1
etag
W/"2feda6389a53a29ad5102ef7918752f6"
age
225465
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
GLFt6faVx_XHXNIKzncGzCcKrcEGt03PqE7g4U-O-3twqAPdDllKGw==
x-amz-id-2
L3LHmssI5k48PAA48H5dihyJAqH4BrKFEt7CjYyYYAjB75SsFBybBYOKyBMXO5BtqfHHeczAYI0=
e82996df-3c73e38611643c5bb219.js
www.file.io/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
x-amz-request-id
SRSCBT94885ZFG0W
x-amz-cf-pop
FRA53-C1
etag
W/"785aafc2bda0f767992456b4ba1b0627"
age
225465
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
AxNdTOOVEW_K178D69h0yVQl92898RzfA3ciw4nLXD4PRpmrth-TRw==
x-amz-id-2
tbFVwHmDl6PIyjM2veQ9XlBQ7NLY7EL6vuloNI8hT9UwcuvFvbPQYDlXBRUSz8cOlwNPk/Fav7c=
framework-8fce40ee519418a713c9.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:08 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:43 GMT
server
AmazonS3
x-amz-request-id
SRSCP1BDBWX1GZWE
x-amz-cf-pop
FRA53-C1
etag
W/"c4a5f7717ceee6ea81514ff62873ada9"
age
225465
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
34sB-dQngvfawgW-ZAht0jRpdUNLBmSGhIqf1xkILeZQoKNwZohR2g==
x-amz-id-2
o6oF1SEnq8r3RjN03V8Onv2fS9J2Po2Bk5PUzzHs7He60/9IHlLDI5L5FNx8cWFpRU03221Mcoc=
webpack-runtime-048164bed35c94f5e17a.js
www.file.io/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Requested by
Host: www.file.io
URL: https://www.file.io/NfnG/download/LD4HUmcyRMQo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10dcaaf69bd430ace51c25e2c8a0d676faaedf2bce0acabaa1def47c7bcc0ad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:07:31 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:47 GMT
server
AmazonS3
x-amz-request-id
MRVE1V48XWWMW8H8
x-amz-cf-pop
FRA53-C1
etag
W/"e0397cf582f6a185758876a8b057cc11"
age
225502
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
5mACRHbVMB2ps6wt-8kqOE1GofMg7r0hv8G-F82h-vAT3XxBKdIV4Q==
x-amz-id-2
VU45pltBY/MukrZU57W0JAeKGZKnxSRqtGnH5wfRnH9we+KjGlFDKMwSlmmg/zwGqC8TIl4N1l0=
app-data.json
www.file.io/page-data/ 		50 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27b75a7887b7fd3716f7abff1ede95e77201eab7cbb4cc167d250c2082a56871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 05:52:46 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
NAHD0QV8986YQDGD
x-amz-cf-pop
FRA53-C1
etag
"c2add5c1ce131d8981ee8ababaf5ec74"
age
64387
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
50
x-amz-id-2
cem4N/LEZ5hv8h0RsefRB9nuV8rimV5hVlXAw8Umy2bNAtwimmw9v11YJdIvmeVIX51x91NJjwU=
x-amz-cf-id
HpcXvmhc3v5Jwwicbg3AQx-PE1qxP_ame6P1v3bpWIuvmdVtfcxViA==
page-data.json
www.file.io/page-data/downloadStopGap/ 		208 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/downloadStopGap/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 05:52:46 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
NAH6W6HP351WCMWF
x-amz-cf-pop
FRA53-C1
etag
"a2bc2e30a9725de62058caf12cd11a0e"
age
64387
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
208
x-amz-id-2
n5vpt1YutDhEjv9JCfkC8gjNDgv+llHaHuiZvqKcG5dDlA+SMs5wo75L8hDN5tj5y444mqkG7ok=
x-amz-cf-id
gZ25p9_fS6AXyNNSIg-gGYtHVMVsAy29Umg5P-VMJ3HuAlPNaL-OFQ==
cb1608f2-c3c6ab3068acdccdccc5.js
www.file.io/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/cb1608f2-c3c6ab3068acdccdccc5.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb26ba7d6c1e90849f333847be322f55b4de508d294467d7c8a7f1cd70d366f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:39 GMT
server
AmazonS3
x-amz-request-id
W7FN4MK6W17MCM8E
x-amz-cf-pop
FRA53-C1
etag
W/"be2740357851b35d3b50ac372bdc1864"
age
225464
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
akZ1j_V-XGn3EyASRdhvwKbCU6IaRp9H-ZYbUuAtcX_vqJJQA2ggtw==
x-amz-id-2
VypVug1DIpGbHsNTadoU0QGmXqpk2R2GxzJzXaYMLpeGu2+YEwiRX4CtA+pfOAWH0UwAGZM/aI8=
a9a7754c-f1b5f9c5144f62adc766.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:36 GMT
server
AmazonS3
x-amz-request-id
W7FV1F952NQGEQX5
x-amz-cf-pop
FRA53-C1
etag
W/"4ae04cdf11989fa265bb8cc9b598298f"
age
225464
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
ek9om-5RJCLohaR8mXILaUvu7me2_DCGYYPeEPHVu42xH26caAqfXA==
x-amz-id-2
aBMEd5ZuNqmIoPAu76M55AHelZKLSTOteblTs1nV76N0dFkFM+x393D1YC/08Vn93PrHbp9IGRU=
381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-40bf9a1dd8e6dc843785.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a057fa3a8cb5ddac308191c23926e496ed8874cc71e6640806a09760e6732a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:35 GMT
server
AmazonS3
x-amz-request-id
W7FWHCWENB9747XM
x-amz-cf-pop
FRA53-C1
etag
W/"d7b6ca59f2fccbba3f62d8b48c85f4ab"
age
225464
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
oWc4hjaOtbxvU_CNzWvcirSsoA8s387K9L-KaQ2uofYNCwggwth4cA==
x-amz-id-2
Gj21ZWbkKC5kP3+7VOu6YQJOMs3J+tgeoW+uXLf4UR0QIy7vbR5BGDeu2WNSk/Fq8dGtTxd9kg0=
a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:36 GMT
server
AmazonS3
x-amz-request-id
W7FJJ34V3GD5AKP2
x-amz-cf-pop
FRA53-C1
etag
W/"2b921aab089ea83ec7bb825f970e0b68"
age
225464
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
oTH_IpYOahwsBk2aaT6_lwbPTMUQa-AWdv7gLpdvbW76GUp8rsMDVA==
x-amz-id-2
1UO22uvA0B/HYbkcJl0IkwJwf074iSXMkLcO/ho4H+ROBjm3ZnVr4zV0tFfeRll/7p2P/rUYc5aJd0bMbUoXzQ==
6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-77152812dffde4f282dc.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15a6c1f335e08bfbef5ddca3572088dfa897eaa5a7c020885e33a73e769e2833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:09 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:35 GMT
server
AmazonS3
x-amz-request-id
W7FJHG0Z276CEB0H
x-amz-cf-pop
FRA53-C1
etag
W/"28a08914b667bd7d6c376d859bef83e6"
age
225464
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
0ij0VvQm54RUFeRyi_07DRYHeroHpuGFzrriX5WTLT0IavH90ki8XA==
x-amz-id-2
PpWFgMl0mGur71Fgu8M1djCeDik58sepZIqKNI8RUykvw7FUJCXehEhu0llC2N842fTw/TAluKA=
e98b170d240584cc273f592e36a9137245db2ee9-dfa71bc7c182e143d729.js
www.file.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-dfa71bc7c182e143d729.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c6c40892eeac45630835e71ea88a7bee39454223bc54fdeae25ed642cb11a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:07:32 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:43 GMT
server
AmazonS3
x-amz-request-id
YHPZ29BT8843JN7N
x-amz-cf-pop
FRA53-C1
etag
W/"d3020b9765fef3dbbe2edff35496bdd2"
age
225501
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
rS6-3k8Au-nLdF6EsLNAo7C4dbH4SRpKjNvQFbSTQJpqwBuFjxY0nQ==
x-amz-id-2
w8+NNEicWy/Rmxpq7QfR+0U8bb3q8Hmh9d5g6HpFQjTlNiMjZ2PtSMphgtaTBp/2vq0i6hXs5Bk=
03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
www.file.io/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3176130038be20ee8b06cd5fe0581a5af3cc00ad74fbe357bf912dbf597e354c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:12 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:34 GMT
server
AmazonS3
x-amz-request-id
RG6XWD8M38CJ7AS9
x-amz-cf-pop
FRA53-C1
etag
W/"95dc1a5c4346aabef840745fe774bb62"
age
225461
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
p3R_QE2XwqyB39Fr6sXKQm2j473WALlXtE2BJFC9VAzYSItQDUlsfA==
x-amz-id-2
ZVr6Qlw06+8gFKfcSc3/MbkSINm5tCPO2V94mr6lHw6MNoxw49gxrZdbTVqVtV0o7SBIThw6TMg0RqnedtONPw==
component---src-pages-download-stop-gap-js-34bb5ee9867992aabea8.js
www.file.io/ 		400 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-download-stop-gap-js-34bb5ee9867992aabea8.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdf482b1595dea6b2f3db2b253bca64e053aabbdf23a0b2fb5cc40d9e0c745ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:11:28 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:40 GMT
server
AmazonS3
x-amz-request-id
H9B2AGQY8G4Z9GQP
x-amz-cf-pop
FRA53-C1
etag
"3225401b5dee9afc24ffc305b1eac20e"
age
225265
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
400
x-amz-id-2
1euIjD0IuvdfG4gxfdP1pIDIeArwZ6NkVDgDevuBo4+3YpYrM60oUBAb1sg1azHK6q73U+xZEZ4=
x-amz-cf-id
BFRC6XD9or3tih8jvTI445xU04eAfZGjkffvsMd1QtsT8rc_JxYAYA==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:01:05 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
H5W1HGD1PSHZ20D5
x-amz-cf-pop
FRA53-C1
etag
"c839c57483bd5d788408e7fc88e7cc8d"
age
81888
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
447
x-amz-id-2
SFbmDmF9GjegQ6jxBqvWu6bOXNGBVX+ix9fVBIn+BpDEzUVnlKrGrGgjvmkMtImB8bjucDzrCc8=
x-amz-cf-id
hQPoeGA99rH7BsFqnSEl_2Az2GYaa4gLFUpZlsSEb6tgR0JcNxRkRQ==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 04:11:58 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
KRWWZE0TDPRT23V6
x-amz-cf-pop
FRA53-C1
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
age
70435
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
4gQYT_LAuHHNG7TUT6uqXN8Kxg80Hs8B0yZ7ZSVgk0Fw1GZUYCEUQQ==
x-amz-id-2
VC2eBJty9CW5/QM/e1ebShJS4t0U3A9/9NoakVkr2eiviSNfL3iERp1Wo9PuO/ElqpqxAXAbR30=
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:09:02 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:46 GMT
server
AmazonS3
x-amz-request-id
W3XRACMSY7QT2C89
x-amz-cf-pop
FRA53-C1
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
age
225411
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
324864
x-amz-id-2
sSSvEVeGWnw7g7RUFP6xImOcCkbUsEPYe9N2/GzPM+Ki8UbN8r3w1aufQi9nenxqJwIhpSVIU/c=
x-amz-cf-id
-JIZiZRP5oJVbzqYGyzpZOXN5NjBVT7LOamkd5i77xILgdyTYkRv9Q==
metadata
file.io/LD4HUmcyRMQo/ 		484 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://file.io/LD4HUmcyRMQo/metadata
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.81.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-81-213.compute-1.amazonaws.com
Software
/
Resource Hash
c7dd5d81b2a12deebfebb565d485ebb7b1743b91a015bcf14bd8bbdbff89e678

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:53 GMT
etag
W/"1e4-YBUHda5OuM3A4KCiKafhyT0MebU"
x-ratelimit-remaining
7
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
x-ratelimit-reset
2022-10-26T23:45:54.223Z
x-ratelimit-limit
1
access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
content-length
484
retry-after
1
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=685406938&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2FNfnG%2Fdownload%2FLD4HUmcyRMQo&dp=%2FNfnG%2Fdownload%2FLD4HUmcyRMQo&ul=en-us&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=806067120&gjid=912109999&cid=1302597383.1666827953&tid=UA-65658019-1&_gid=140227620.1666827953&_r=1&_slc=1&z=357395489
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-65658019-1&cid=1302597383.1666827953&jid=806067120&gjid=912109999&_gid=140227620.1666827953&_u=aEBAAEAAAAAAACAAI~&z=184949531
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 26 Oct 2022 23:45:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.file.io
URL: https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5696f49866f8b8b992cc17fa5648557237c3f6495096f6b516967052748c938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27375
x-xss-protection
0
server
sffe
etag
"1375 / 488 of 1000 / last-modified: 1666821989"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 23:45:53 GMT
prebid7.18.0.js
www.file.io/scripts/ 		163 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/scripts/prebid7.18.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-5283f7f11eb1e01106ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:10 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:45 GMT
server
AmazonS3
x-amz-request-id
48T0FY3STDN5MWBT
x-amz-cf-pop
FRA53-C1
etag
W/"c488e1001b33af7893c3558f28b0fac8"
age
225464
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
fNSRNoijQFCn6q_18AaWNvhromuc75LX8U3vofxcJWe5RzqIlLffVw==
x-amz-id-2
jnwnZcd/3jvZD0E7Tmkj6ZJ+9PRo2To6H8j2dqVdeA6aRlxJs4Y0ykD1oxUEA+Abedi2b3FbVl4=
ads-hodgepodge-ad-61589d581d2636ac2a38.js
www.file.io/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ads-hodgepodge-ad-61589d581d2636ac2a38.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-048164bed35c94f5e17a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
870981ad8d93bcec8b2a487ee4efb161adf0241410ecec1fcb33c14a994555e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:07:32 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:38 GMT
server
AmazonS3
x-amz-request-id
YHPG4XEBXP3J7026
x-amz-cf-pop
FRA53-C1
etag
W/"8faee19bb807b3a2874fa928075b1226"
age
225502
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
K2FmVo3yxqnOAqCnGSvMqVENFD7IeU-iHtVTcrrSDF9tv3WlMSMteA==
x-amz-id-2
vuNanSigU3fkikvrRjxZUFGmY2a0w09DJx6ygVmeVqrZH8fZc8KclvaXh9vpxKzJspPit/p8/DE=
pubads_impl_2022102401.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 20:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130586
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 08:37:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Oct 2023 20:04:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		65 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ff8085ad02fa11d476c2329de7ee3df744e70655075a378a95b6a1e1278083b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
expires
Wed, 26 Oct 2022 23:45:53 GMT
pbjs
useast.quantumdex.io/auction/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 26 Oct 2022 23:45:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
760711759d5990d4-FRA
access-control-allow-methods
POST, GET
hb.php
bid.glass/ad/ 		19 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.glass/ad/hb.php?src=prebid_prebid_7.18.0
Requested by
Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.20.35.44 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
bid.glass
Software
Apache /
Resource Hash
6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 26 Oct 2022 23:45:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=857866137634588&correlator=850119415285085&eid=31070566%2C44761478&output=ldjh&gdfp_req=1&vrg=2022102401&ptt=17&impl=fifs&iu_parts=22175459031%2Cfileio-halfpage-gallery-1%2Cfileio-halfpage-gallery-2%2Cfileio-halfpage-gallery-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x600%2C300x600%2C300x600&ifi=1&adks=2093335146%2C3306312227%2C2065559030&sfv=1-0-38&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666827953890&lmt=1666602342&dlt=1666827952200&idt=1364&adxs=393%2C806%2C1219&adys=328%2C328%2C328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2FNfnG%2Fdownload%2FLD4HUmcyRMQo&frm=20&vis=1&psz=413x600%7C413x600%7C413x600&msz=300x600%7C300x600%7C300x600&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1302597383.1666827953&ga_sid=1666827954&ga_hid=685406938&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dadb86819722d7fd6a63e6ddd42b0f6935df1b65c0d348a9050a38aa390c2e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
408
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b61927bde0f63801037c8c28a9c63068384377f8e6b544377eacc0eab55bcabd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11263
x-xss-protection
0
container.html
3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2502 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:45:54 GMT
expires
Thu, 26 Oct 2023 23:45:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102401.js?cb=31070566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 23:45:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A8D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 20:09:05 GMT
expires
Thu, 26 Oct 2023 20:09:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F15F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
325d2356a103582375a4c17e33b98dee20328af535fc065fc6d8cf7efa0b8b3c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1NHXUUDABscaE3_9vS5fDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-1NHXUUDABscaE3_9vS5fDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:45:54 GMT
expires
Wed, 26 Oct 2022 23:45:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
pagead2.googlesyndication.com/bg/ Frame 5A8D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16118
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:17:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F15F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102401&jk=857866137634588&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5A8D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DbKwIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102401&jk=857866137634588&bg=!sLOls_fNAAZPh4lnb4c7ACkAdvg8WrCxUU8aow6yPB38hrb-M_qAuznEwWcGDL6V0O9mdoiENn-lbwIAAABQUgAAAApoAQcKAH07cM1K-0omkPUBlmV7_oTox3ctwpp4RhRoiFm585UfD7eAyb-BLB6FRZCAYuJgWMDTSk24sWHlQnRLtuDyptKp8ZO7X9qvzojvhVygwjOMuGJcIXpse4A6sP5nfYPF8PBZlqtDZCEcyLDCFhBhI60MZ5vFs3wfQEAezxcU5JkCnNzqru3_tBjjMtMcarEcWB_XqfzLYIfWDaSmk5a2pw4DO4H9wc0XT_CWIwv29-n9gFb6I1pENQjXNFDIAgjd6bvfEvbYc-Tg_Zd_6YYq3lMIY9G8rqHt8P32IcmtFoJT3ZS0mJF1aP-KnN3UhtQSW6cts-r2OENlmIqr0TrsgozMXwDfxysSMNHSOjcU6EqoBSgZkGmb1h4Nm8EXaEv5AtXmgv4rZ5-oh3_B4yGYSOhMGc4YFSXaP3Xou-La-35LUqh4cxZ0tRpWWsM020VNwa4h0IojHSgOzb-YNfy2oWHvHezltwZWXwbEyOnoUR6oukSRiYZcz9PjYBTKeayJM9GsVhy726-H3LtD7AU7PSEe4KwGeTtC3pEr3S7xSmSxepLqN4DTeBDiKPwpb-8u5Jj9U3u8NSLRvZs1utZwUJ04bnGL9C2GUUCqr0mDmFVLa4r3aM1f327HpEUb8ZNqNtorGs6yrA8n16X91X-vZpeaItrsvwCq3-YekkHjKa98q9-xAvegVwo6uK5-OhPFOhx5mNzU0XfmAVyQivgQK-c8ZW91buGQ9qVIe8U45DyfXwnqx6dk6Az-5kvma9-RF_Zt3W-sgcdYYjfw1p4WIe6aPH1cxgmRSm2G5u4A471LlBUy3vp0EfdrnOlAILMG6xGO5Sznw8XU6QjMRyjMNf-B51qpah0vN5sMf5D5NOdl2M5fchRQUU-kfniqF_VHLh7Mw9fywWL9H7a1u7ZPRnB9mmZI4EnCV7PJVZ1HVHgEH7TxgyYJYanwftdH93FwRn28r2izVhIT-sX5vhHn4MmJtji-XCMLF4ZCda1ya6xv83Ut8w_LqyRHTMLp9ae_uOKSB4vjF0BNfrFok714cVpQeyhM-X_hl4a8WFAe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
page-data.json
www.file.io/page-data/about/ 		0
615 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9J9D5YHVYVCVJPW
x-amz-cf-pop
FRA53-C1
etag
"cfb91ae7cd0473e276a9361907a683fc"
age
53366
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
147
x-amz-id-2
KSh/lgmJotrOtP5/L+3OG41Tm0i4SnWIvLKO99Rfq7U9DAYG6Z1+sy/+5LKbCiVET35HBccsWtc=
x-amz-cf-id
QGowFnkqReS7gU7bYFpMuoYBkuhXBy36IrmYYjcXRHEMO6vcJ3yCkQ==
page-data.json
www.file.io/page-data/plans/ 		0
607 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JETX9DX1FCJDHP
x-amz-cf-pop
FRA53-C1
etag
"1022652c2bef86b84cb16cd11c50b2ca"
age
53365
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
141
x-amz-id-2
5FWnQzJKdaZjAs3gesviENfnq6EFDOUA0Ds+MFod12FxfhtQG69QGvNbQlukP8Fhnd2ghdZeRk8=
x-amz-cf-id
s586Zt4VK8RcxOh2mVNwOFSSjw21IyRS8L8yZGPudksH6xPoQq2eeQ==
page-data.json
www.file.io/page-data/signup/ 		0
603 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:12:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
2JYDKBXPAENJRG2P
x-amz-cf-pop
FRA53-C1
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
age
30806
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
137
x-amz-id-2
ylJlqxVtqc7QxHAdfHxZFG0B1+6eH/aCac09kFwdQHtp6cwlSI49I/uJCcu1DgYRb2pr5ALVbFI=
x-amz-cf-id
d0uzNKnV1llo1sxNV2gJ9QFs_seXixSS8b8YQ52IbXtFL-6-KOb_mw==
page-data.json
www.file.io/page-data/login/ 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JFHZYBE7G934TD
x-amz-cf-pop
FRA53-C1
etag
"4f561e1f747160f0e60849c13facafec"
age
53366
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
135
x-amz-id-2
8f+60HMSfNwvJw7kT6UzFRiJG2q4ELPRLybJ2AID558VcubH9zQWd/OHM+9CUmnucpmXeocGto4=
x-amz-cf-id
r5JB0P7MW4YnUSci6hGY9bc_TW6btxNlefdiQTrp5r42eiJunfmh9A==
page-data.json
www.file.io/page-data/about/ 		147 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9J9D5YHVYVCVJPW
x-amz-cf-pop
FRA53-C1
etag
"cfb91ae7cd0473e276a9361907a683fc"
age
53367
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
147
x-amz-id-2
KSh/lgmJotrOtP5/L+3OG41Tm0i4SnWIvLKO99Rfq7U9DAYG6Z1+sy/+5LKbCiVET35HBccsWtc=
x-amz-cf-id
iGO6OL02fplUZZKa7yG6wJNfKsjboNvr8ihwZR6WCTOoL_pGA1srqA==
page-data.json
www.file.io/page-data/signup/ 		137 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:12:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
2JYDKBXPAENJRG2P
x-amz-cf-pop
FRA53-C1
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
age
30807
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
137
x-amz-id-2
ylJlqxVtqc7QxHAdfHxZFG0B1+6eH/aCac09kFwdQHtp6cwlSI49I/uJCcu1DgYRb2pr5ALVbFI=
x-amz-cf-id
zkAZedgwYclvgmGQVMDaSXAQgv74UMwlBlniE0HW1czlFlpBFLbeJw==
page-data.json
www.file.io/page-data/login/ 		135 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JFHZYBE7G934TD
x-amz-cf-pop
FRA53-C1
etag
"4f561e1f747160f0e60849c13facafec"
age
53367
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
135
x-amz-id-2
8f+60HMSfNwvJw7kT6UzFRiJG2q4ELPRLybJ2AID558VcubH9zQWd/OHM+9CUmnucpmXeocGto4=
x-amz-cf-id
_kDa9ivYMzWdOH6MEA0TOc_eUnakX7p4p7fMZ3qZI2jkk7w7lJB1rA==
page-data.json
www.file.io/page-data/plans/ 		141 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:56:30 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:44 GMT
server
AmazonS3
x-amz-request-id
F9JETX9DX1FCJDHP
x-amz-cf-pop
FRA53-C1
etag
"1022652c2bef86b84cb16cd11c50b2ca"
age
53366
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
content-length
141
x-amz-id-2
5FWnQzJKdaZjAs3gesviENfnq6EFDOUA0Ds+MFod12FxfhtQG69QGvNbQlukP8Fhnd2ghdZeRk8=
x-amz-cf-id
zDXuMRE99l6eUHvnl5tp-rqWIqKXjiVLX6sjsvaCAL8w4EwvduJvPQ==
component---src-pages-plans-index-js-96d405d5fd543f9313a9.js
www.file.io/ 		0
943 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-96d405d5fd543f9313a9.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:09:59 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:41 GMT
server
AmazonS3
x-amz-request-id
RM65436RZYTKGM53
x-amz-cf-pop
FRA53-C1
etag
"8139bb6ed64141936a03214f930ef478"
age
225358
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
473
x-amz-id-2
QiTR0QXWm/mCtV+if8INBihD7+Qz1UqII0v8L9usJ7GJ7c49SqxQmekXZ6MX/he/9mYkfbwN+5I=
x-amz-cf-id
LcY0C4Rmk1U8CeWqmVg46wUKnAMaWaBXBJgRwRUiAyYYXfqthbCQxQ==
component---src-pages-login-js-8b4ef13d8d99765162da.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-8b4ef13d8d99765162da.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:15 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:41 GMT
server
AmazonS3
x-amz-request-id
B7R1SJGZTRXMPQZX
x-amz-cf-pop
FRA53-C1
etag
W/"42d35658c40d04d6d2845a41aded67f8"
age
225462
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
stzXcTqo-AtRnJ-pzgZUN6svb5QkL_rw5CVMGIUqwVNFMOKRFC2Chg==
x-amz-id-2
+5abAOeyBkZnZRrQ+EvIMb02ALT/cm4+O6c6tudEYBdHnXW5BHzFN0wUvZj7z1gGQqGJeBjdOTE=
component---src-pages-about-js-84374eec6d3399a16108.js
www.file.io/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-84374eec6d3399a16108.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 04:23:09 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:39 GMT
server
AmazonS3
x-amz-request-id
E5BPFTGEKQTEG3QS
x-amz-cf-pop
FRA53-C1
etag
W/"d57f30a1cae8ec119e561c026feb5e75"
age
69768
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
DN2DMfLVhpAHxuSWQERCHBzz4leUj_DGTbodAYaj9pcyKMNG9uzPIw==
x-amz-id-2
YsGK8j6hZjyRDWR4vfDHLIlk7EpMwg/q/e5/KowQoXUL53+9NyFPGfmsxxrjS2poOt1r3vNoJ4E=
component---src-pages-signup-js-1a83f5fd1238ade6fa23.js
www.file.io/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-1a83f5fd1238ade6fa23.js
Requested by
Host: www.file.io
URL: https://www.file.io/app-438588750f6b6905c6ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/NfnG/download/LD4HUmcyRMQo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 09:08:15 GMT
content-encoding
br
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 09:05:42 GMT
server
AmazonS3
x-amz-request-id
B7RBSF5MRZCDY1HQ
x-amz-cf-pop
FRA53-C1
etag
W/"095f55f0ba100895ad857054e6e6b681"
age
225462
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
zxyaqaRw9z8ssM0uJsPHS8PUVX_6LmTHFU1rlsiowwdN04Mq93vuwg==
x-amz-id-2
RH8kvY01kCV8Ls4t5OiglMqKDBWGxen+vK7RSB5lQhuQHWXFGWxAqt8GWeCjaAJVYyrualRTXcs=
pbjs
sync.quantumdex.io/usersync/ Frame B982 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: www.file.io
URL: https://www.file.io/scripts/prebid7.18.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd57f57f39e89a40158c8ff6504a6b3e8848949244e2424d3b1addae4ccef83

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7607118aae9490d4-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 26 Oct 2022 23:45:56 GMT
server
cloudflare
/
s.ad.smaato.net/c/ Frame B982 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
no-cache, must-revalidate
via
1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
IWc0bBnzjfw-PcQdx2DledOJfLJqw78qGB8bezyxviWdsyFsEyQrdw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame B982
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9106725087360768925
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9106725087360768925
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607118c0fb790d4-FRA
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
AN-X-Request-Uuid
754b77c0-4ceb-4f0b-a6d2-388a5d7de4b2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=9106725087360768925
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame B982
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=3589106e-863a-522c-bfac-2c47dcf5eaf2
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=3589106e-863a-522c-bfac-2c47dcf5eaf2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607118e79de90d4-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=3589106e-863a-522c-bfac-2c47dcf5eaf2
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
ap.lijit.com/ Frame B982 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Oct 2022 23:45:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame B982 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 26 Oct 2022 23:45:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/FGMrCMMc/ Frame B982 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.142.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-142-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
setuid
sync.quantumdex.io/ Frame B982
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9yeXaClE2uHOwlZeHYlm1CBXCLkBcJSffBz2Gxg-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9yeXaClE2uHOwlZeHYlm1CBXCLkBcJSffBz2Gxg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607118c3fe490d4-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-9yeXaClE2uHOwlZeHYlm1CBXCLkBcJSffBz2Gxg-~A
date
Wed, 26 Oct 2022 23:45:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame B982
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607118c4feb90d4-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 26 Oct 2022 23:45:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 26 Oct 2022 23:45:57 GMT
setuid
sync.quantumdex.io/ Frame B982
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0f0144ca-4260-37a5-9251-50043db9457b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0f0144ca-4260-37a5-9251-50043db9457b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607118f0a5090d4-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-0f0144ca-4260-37a5-9251-50043db9457b
pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 5A58
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691bbf76b877ebff0d846d4002de1c93f46d275d8c76c8e04142803d36a96d09

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7607118c3880bbf5-FRA
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 23:45:57 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7607118beb315c14-FRA
content-length
0
date
Wed, 26 Oct 2022 23:45:57 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4751 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37307
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 23:45:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 27 Oct 2022 10:07:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E439
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Oct 2022 23:45:57 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 26 Oct 2022 23:45:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 3866 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4864 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4751 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81518893&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f740042c9deea3a60aba6c6fcbbdbd529ec7cbcb65a2c5fe107ad4412e3d4639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 23:45:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame E439 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 23:45:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72819
Connection
keep-alive
Content-Length
9454
Expires
Thu, 27 Oct 2022 19:59:36 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5A58 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 5A58
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z11K57DKXAJ79J6E0N20
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X9BC15CW1N7HKJD7K1H0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5A58
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1nGtTdhG2DXqr.jnIxu6AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM8kf6F2OG53Hv3ibR7lyiE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM8kf6F2OG53Hv3ibR7lyiE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM8kf6F2OG53Hv3ibR7lyiE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5A58
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlsq55hm1WotY-Vu99slI8&google_cver=1
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlsq55hm1WotY-Vu99slI8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7607118d09e8bbf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlsq55hm1WotY-Vu99slI8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5A58 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e223:977f:5d30:1217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 5A58
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9106725087360768925
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9106725087360768925
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
AN-X-Request-Uuid
192fe488-548e-4096-a4d6-8bcd1dd82265
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9106725087360768925
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5A58
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
2a05:d018:d29:3602:e223:977f:5d30:1217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
date
Wed, 26 Oct 2022 23:45:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5A58
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 23:45:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 26 Oct 2022 23:45:57 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
setuid
sync.quantumdex.io/ Frame 5A58 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Y1nGtTdhG2DXqr-jnIxu6AAABLsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7607118c881f90d4-FRA
content-length
43
content-type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame E439 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame C07D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 26 Oct 2022 23:45:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 26 Oct 2022 23:45:57 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37FFAB02-EABB-42CC-AD91-550DA4714A46
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame A0A4
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6872095075714925312
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6872095075714925312
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:45:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6872095075714925312
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 410A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:45:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 26 Oct 2022 23:45:57 GMT
Expires
Wed, 26 Oct 2022 23:45:56 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master cdg-pixel-x11 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 038F 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::22 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 23:45:56 GMT
expires
Wed, 26 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
571006
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame B663
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9106725087360768925&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9106725087360768925&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:45:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
3fee1763-4240-44d9-8184-83615a5cff87
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Oct 2022 23:45:57 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9106725087360768925&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 99D7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 26 Oct 2022 23:45:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4GR51RJFHF7JFHYZS76D

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 26 Oct 2022 23:45:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=37FFAB02-EABB-42CC-AD91-550DA4714A46&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R1662KSGHYBZ5CSHZZYV
setuid
sync.quantumdex.io/ Frame 7AC5 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=37FFAB02-EABB-42CC-AD91-550DA4714A46
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7607118cc84590d4-FRA
content-length
43
content-type
image/gif
date
Wed, 26 Oct 2022 23:45:57 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4751
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N_-rAuq7QsytkVUNpHFKRg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=37307
accept-ranges
bytes
content-length
5549
expires
Thu, 27 Oct 2022 10:07:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4751
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29c36359-c6b5-4700-bcd4-0eee200309cc
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29c36359-c6b5-4700-bcd4-0eee200309cc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 26 Oct 2022 23:45:57 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x31 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=29c36359-c6b5-4700-bcd4-0eee200309cc
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Oct 2022 23:45:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4751
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=37FFAB02-EABB-42CC-AD91-550DA4714A46
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4751
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzdGRkFCMDItRUFCQi00MkNDLUFEOTEtNTUwREE0NzE0QTQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:45:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4751
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELeZwAGtc37bUCHLtcJccWI&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELeZwAGtc37bUCHLtcJccWI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:45:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELeZwAGtc37bUCHLtcJccWI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4751 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 23:45:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 25 Oct 2022 23:45:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4751
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8509228754897665545
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8509228754897665545
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8509228754897665545
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4751 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 23:45:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame E439 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| pbjsChunk object| pbjs object| _pbjsGlobals object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| slots object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

47 Cookies

Domain/Path Name / Value
.file.io/ Name: _ga
Value: GA1.2.1302597383.1666827953
.file.io/ Name: _gid
Value: GA1.2.140227620.1666827953
.file.io/ Name: _gat
Value: 1
.quantumdex.io/ Name: uid
Value: cdbf8d60-eca3-41d5-a08a-b889678571e5
.file.io/ Name: __gads
Value: ID=5b621ff6d63df30f-223aecac5ace000a:T=1666827953:S=ALNI_MZlbKNZuZs6IdlVes_1Zh-mRux33w
.file.io/ Name: __gpi
Value: UID=00000b78aa55c2e7:T=1666827953:RT=1666827953:S=ALNI_MbdZRuzrAxpD433mJEar4jdm-kkYQ
.adnxs.com/ Name: uuid2
Value: 9106725087360768925
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.yahoo.com/ Name: A3
Value: d=AQABBLXGWWMCEA0_ZwH3r4ChYqHYmRw8qk4FEgEBAQEYW2NjYwAAAAAA_eMAAA&S=AQAAAmEwhrVGIwyLfch6aFwmv6M
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: Y1nGtTdhG2DXqr.jnIxu6AAA
.casalemedia.com/ Name: CMPS
Value: 1211
.casalemedia.com/ Name: CMPRO
Value: 1211
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.analytics.yahoo.com/ Name: IDSYNC
Value: "192w~27xz:175w~27xz"
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 37FFAB02-EABB-42CC-AD91-550DA4714A46
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1667952000%3A201_197_219%7C1666828800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1667952000%3A161_7_21_13_56_54_3_251_220%7C1668038400%3A35
.doubleclick.net/ Name: IDE
Value: AHWqTUnznjCsW6UT5oZLxHlAUZSWBwKk-zutjjz9xeQ-PK9XoZtmGtnnd-EkUrclJr8
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: CEF784D253DE48B896DDD08330371959
.casalemedia.com/ Name: CMTS
Value: 2235
.adform.net/ Name: uid
Value: 8509228754897665545
.de17a.com/ Name: guid
Value: 1.6872095075714925312
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8509228754897665545&KRTB&23263-8509228754897665545
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 3589106e-863a-522c-bfac-2c47dcf5eaf2
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: Y1nGtQAHibAcGdqRQjk-Ve7QODRXLc4muNynSQ==
.onaudience.com/ Name: cookie
Value: 0b65fa2c227bfa20
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9106725087360768925&KRTB&23339-9106725087360768925
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6872095075714925312
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELeZwAGtc37bUCHLtcJccWI&KRTB&16514-CAESELeZwAGtc37bUCHLtcJccWI&KRTB&23025-CAESELeZwAGtc37bUCHLtcJccWI&KRTB&23386-CAESELeZwAGtc37bUCHLtcJccWI
.mathtag.com/ Name: uuid
Value: 29c36359-c6b5-4700-bcd4-0eee200309cc
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-0f0144ca-4260-37a5-9251-50043db9457b
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&KRTB&16736-uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&KRTB&23019-uid:fcb46359-c6b5-4000-9355-f1c3a747ece0&KRTB&23208-uid:fcb46359-c6b5-4000-9355-f1c3a747ece0
.pubmatic.com/ Name: PugT
Value: 1666827957
.amazon-adsystem.com/ Name: ad-id
Value: A3OzG1K_A0bQrc8zB98RqDY|t

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b760e8a5a7275c4ef3cec6c6e4a3a3f.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
bid.glass
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
file.io
gu.dyntrk.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
s.ad.smaato.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssp.disqus.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.mathtag.com
sync.quantumdex.io
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
104.18.19.126
135.125.160.160
141.95.33.111
143.204.215.16
15.197.193.217
15.235.15.221
172.217.18.2
18.156.0.31
185.29.134.244
185.64.189.110
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
188.42.196.115
213.155.156.183
213.19.147.44
23.203.77.3
23.35.228.23
2600:9000:224a:de00:1b:5138:8a40:93a1
2606:4700:10::6816:2460
2a00:1450:4001:806::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9d
2a02:2638::22
2a05:d018:d29:3602:e223:977f:5d30:1217
3.213.81.213
3.65.142.183
34.238.96.202
34.91.62.186
37.157.3.28
37.252.172.249
51.75.86.98
52.46.130.91
54.239.38.253
64.20.35.44
69.173.144.138
69.173.151.100
72.251.249.14
88.221.168.201
96.16.141.156
10dcaaf69bd430ace51c25e2c8a0d676faaedf2bce0acabaa1def47c7bcc0ad3
15a6c1f335e08bfbef5ddca3572088dfa897eaa5a7c020885e33a73e769e2833
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
27b75a7887b7fd3716f7abff1ede95e77201eab7cbb4cc167d250c2082a56871
280d9cb374b03e01072f2db3b7f1dd3c2d767e601c52212d7393f4f7158a08dd
2c6c40892eeac45630835e71ea88a7bee39454223bc54fdeae25ed642cb11a6f
3176130038be20ee8b06cd5fe0581a5af3cc00ad74fbe357bf912dbf597e354c
325d2356a103582375a4c17e33b98dee20328af535fc065fc6d8cf7efa0b8b3c
3bfbb8f42b3e79f5e8093d4459dbc75d1c9cb481c5c13c31b34ffc1890f0b787
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bf619f845b59cb0bc97aa5f41941975609d290501243e71716c429c817f560
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3
5ff8085ad02fa11d476c2329de7ee3df744e70655075a378a95b6a1e1278083b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
691bbf76b877ebff0d846d4002de1c93f46d275d8c76c8e04142803d36a96d09
6a1aa3bcfd973ebc6bf69ae5551f82e379e0f362be2b09c3381857b41b1d97f3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79bbd067eff59b0e77f2c105b6a23129e341e4e0ed12a27e2618216fc1e850e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
870981ad8d93bcec8b2a487ee4efb161adf0241410ecec1fcb33c14a994555e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
94a057fa3a8cb5ddac308191c23926e496ed8874cc71e6640806a09760e6732a
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b61927bde0f63801037c8c28a9c63068384377f8e6b544377eacc0eab55bcabd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7dd5d81b2a12deebfebb565d485ebb7b1743b91a015bcf14bd8bbdbff89e678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
dadb86819722d7fd6a63e6ddd42b0f6935df1b65c0d348a9050a38aa390c2e8c
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5696f49866f8b8b992cc17fa5648557237c3f6495096f6b516967052748c938
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
edd57f57f39e89a40158c8ff6504a6b3e8848949244e2424d3b1addae4ccef83
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f740042c9deea3a60aba6c6fcbbdbd529ec7cbcb65a2c5fe107ad4412e3d4639
fb26ba7d6c1e90849f333847be322f55b4de508d294467d7c8a7f1cd70d366f0
fdf482b1595dea6b2f3db2b253bca64e053aabbdf23a0b2fb5cc40d9e0c745ed