urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
143.204.215.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://file.io/ykjpOJwlvDHB
Effective URL: https://www.file.io/deleted
Submission: On January 30 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 13 countries across 76 domains to perform 329 HTTP transactions. The main IP is 143.204.215.24, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io. The Cisco Umbrella rank of the primary domain is 931445.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 25th 2023. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 107.23.246.142 14618 (AMAZON-AES)
37 143.204.215.24 16509 (AMAZON-02)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 15 185.89.211.84 29990 (ASN-APPNEX)
5 185.86.138.16 201081 (SMARTADSE...)
15 52.28.203.152 16509 (AMAZON-02)
2 18.194.241.108 16509 (AMAZON-02)
1 185.255.84.150 200271 (IGUANE-)
5 52.31.186.144 16509 (AMAZON-02)
8 185.64.189.112 62713 (AS-PUBMATIC)
1 4 147.75.85.234 54825 (PACKET)
7 69.16.175.42 20446 (STACKPATH...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 69.16.175.10 20446 (STACKPATH...)
9 44.209.110.138 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.80.246.179 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
1 52.0.141.180 14618 (AMAZON-AES)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 138.199.36.10 60068 (CDN77 ^_^)
1 52.31.12.122 16509 (AMAZON-02)
10 173.223.112.191 16625 (AKAMAI-AS)
1 185.64.189.221 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 9 185.64.190.78 62713 (AS-PUBMATIC)
3 3 35.214.223.115 15169 (GOOGLE)
5 52.202.226.14 14618 (AMAZON-AES)
1 185.86.139.94 201081 (SMARTADSE...)
1 2 2.18.79.136 20940 (AKAMAI-ASN1)
1 2603:c020:400... 31898 (ORACLE-BM...)
1 72.251.249.9 32475 (SINGLEHOP...)
3 4 18.156.0.31 16509 (AMAZON-02)
1 1 104.96.145.246 16625 (AKAMAI-AS)
4 104.87.175.132 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 51.89.9.252 16276 (OVH)
4 4 198.148.27.139 19189 (PULSEPOINT)
3 3.64.134.215 16509 (AMAZON-02)
8 10 18.195.128.19 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
25 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TWELVE99 ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 4 54.239.38.253 16509 (AMAZON-02)
9 11 142.250.201.194 15169 (GOOGLE)
2 3 35.204.158.49 396982 (GOOGLE-CL...)
2 5 37.157.3.30 198622 (ADFORM)
7 35.71.131.137 16509 (AMAZON-02)
3 18.156.195.47 16509 (AMAZON-02)
3 3.68.23.185 16509 (AMAZON-02)
3 185.94.180.124 35220 (SPOTX-AMS)
5 5 213.19.147.45 3356 (LEVEL3)
5 8 69.173.144.138 26667 (RUBICONPR...)
1 8.43.72.98 26667 (RUBICONPR...)
1 52.46.155.104 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
4 162.19.138.116 16276 (OVH)
2 141.95.98.65 16276 (OVH)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 2600:1901:0:8... 15169 (GOOGLE)
2 178.250.0.157 44788 (ASN-CRITE...)
2 76.223.111.18 16509 (AMAZON-02)
3 151.101.65.108 54113 (FASTLY)
4 198.47.127.20 3257 (GTT-BACKB...)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
3 3 44.205.120.122 14618 (AMAZON-AES)
4 6 151.101.194.49 54113 (FASTLY)
15 15 54.229.240.67 16509 (AMAZON-02)
3 3 185.86.137.131 201081 (SMARTADSE...)
4 4 141.94.171.212 16276 (OVH)
4 34.252.135.184 16509 (AMAZON-02)
6 6 35.201.96.126 15169 (GOOGLE)
3 185.64.190.87 62713 (AS-PUBMATIC)
2 2 52.209.54.253 16509 (AMAZON-02)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 98.98.134.243 21859 (ZEN-ECN)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 195.5.165.20 44968 (IPROM-AS)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 162.55.120.196 24940 (HETZNER-AS)
2 35.186.193.173 15169 (GOOGLE)
2 2 141.94.161.158 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
2 2 159.65.197.210 14061 (DIGITALOC...)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
2 2 185.83.142.19 29990 (ASN-APPNEX)
2 2 54.78.254.47 16509 (AMAZON-02)
2 63.251.232.170 ()
2 4 77.243.60.138 ()
2 2606:4700:10:... ()
2 4 52.203.53.149 ()
4 4 34.111.129.221 ()
2 34.111.131.239 ()
329 87
1    107.23.246.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-246-142.compute-1.amazonaws.com
file.io
37    143.204.215.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-24.fra53.r.cloudfront.net
www.file.io
3    2400:52e0:1e00::1078:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
hb.vntsm.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2600:9000:2057:fe00:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)
d1oykxszdrgjgl.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
15    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
15    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
web.ssp.yahoo.com
c2shb.pubgw.yahoo.com
2    18.194.241.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-241-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
5    52.31.186.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-186-144.eu-west-1.compute.amazonaws.com
ad.360yield.com
8    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
tg1.aniview.com
player.aniview.com
1    2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
feed.avplayer.com
5    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
player.avplayer.com
content1.avplayer.com
9    44.209.110.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-110-138.compute-1.amazonaws.com
track1.aniview.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
7    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)
e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com
2    54.80.246.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-246-179.compute-1.amazonaws.com
track1.avplayer.com
8    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    52.0.141.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-141-180.compute-1.amazonaws.com
go1.aniview.com
3    2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-10.bunnyinfra.net
cdn1.vntsm.com
1    52.31.12.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-12-122.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
10    173.223.112.191 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-112-191.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
5    52.202.226.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-226-14.compute-1.amazonaws.com
sync.aniview.com
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2603:c020:400d:3000:d7b5:8a93:2d80:f113 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.87.175.132 (Warsaw, Poland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-175-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    3.64.134.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
10    18.195.128.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-128-19.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
25    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
11    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
cm.g.doubleclick.net
3    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
3    3.68.23.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-23-185.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
5    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
image4.pubmatic.com
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    44.205.120.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-120-122.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
15    54.229.240.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-240-67.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
4    34.252.135.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-135-184.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
6    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
3    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    52.209.54.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-54-253.eu-west-1.compute.amazonaws.com
r.scoota.co
3    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    141.94.161.158 (France)

ASN16276 (OVH, FR)
PTR: bixel-1.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
2    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    63.251.232.170 (None, )

ASN- ()
cm.adgrx.com
4    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
2    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
4    52.203.53.149 (None, )

ASN- ()
a.audrte.com
4    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
2    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
Apex Domain
Subdomains		 Transfer
67 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450
ads.pubmatic.com — Cisco Umbrella Rank: 463
st.pubmatic.com — Cisco Umbrella Rank: 1056
image6.pubmatic.com — Cisco Umbrella Rank: 733
simage2.pubmatic.com — Cisco Umbrella Rank: 665
image2.pubmatic.com — Cisco Umbrella Rank: 872
simage4.pubmatic.com — Cisco Umbrella Rank: 1166
aud.pubmatic.com — Cisco Umbrella Rank: 4113
image4.pubmatic.com — Cisco Umbrella Rank: 941
125 KB
38 file.io
file.io — Cisco Umbrella Rank: 360392
www.file.io — Cisco Umbrella Rank: 931445
979 KB
26 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1129
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
web.ssp.yahoo.com — Cisco Umbrella Rank: 2704
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 816
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
6 KB
25 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
211 KB
22 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 8177
track1.aniview.com — Cisco Umbrella Rank: 1753
player.aniview.com — Cisco Umbrella Rank: 1783
go1.aniview.com — Cisco Umbrella Rank: 4770
sync.aniview.com — Cisco Umbrella Rank: 2167
270 KB
20 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842
eus.rubiconproject.com — Cisco Umbrella Rank: 537
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4701
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 900
token.rubiconproject.com — Cisco Umbrella Rank: 548
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
27 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 534
secure.adnxs.com — Cisco Umbrella Rank: 409
68 KB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
188 KB
15 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 470
7 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1538
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560
5 KB
8 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 10800
player.avplayer.com — Cisco Umbrella Rank: 8915
track1.avplayer.com — Cisco Umbrella Rank: 9553
content1.avplayer.com — Cisco Umbrella Rank: 12325
90 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
2 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9092
3 KB
6 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
1 KB
6 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3641
3 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2833
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13267
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 568
2 KB
5 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
4 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 696
gum.criteo.com — Cisco Umbrella Rank: 388
mug.criteo.com — Cisco Umbrella Rank: 2753
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507 Failed
2 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650
826 B
4 audrte.com
a.audrte.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1733
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 757
1 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 389
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 522
3 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 882
737 B
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 499
eb2.3lift.com — Cisco Umbrella Rank: 329
1 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 23236
cdn1.vntsm.com — Cisco Umbrella Rank: 237910
447 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 601
573 B
3 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3016
310 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
2 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 578
3 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 835
734 B
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3735
73 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
2 zeotap.com
mwzeom.zeotap.com
615 B
2 adgrx.com
cm.adgrx.com
563 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26108
2 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3445
677 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
1 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1938
1 KB
2 erne.co
green.erne.co — Cisco Umbrella Rank: 16334
824 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5049
573 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5624
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5207
554 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 31116
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097
796 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4143
562 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 629
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8741
696 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2192
25 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1340
104 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1656
247 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
708 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
588 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
725 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
1 openx.net
u.openx.net — Cisco Umbrella Rank: 640
304 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 592
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1204
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
48 KB
1 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 27549
162 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3472
526 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
42 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 912
939 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 30488
672 B
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
329 76
Domain Requested by
37 www.file.io www.file.io
d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
25 simage2.pubmatic.com ads.pubmatic.com
15 match.prod.bidr.io 15 redirects
15 ib.adnxs.com 6 redirects hb.vntsm.com
acdn.adnxs.com
11 cm.g.doubleclick.net 9 redirects eus.rubiconproject.com
10 x.bidswitch.net 8 redirects
10 ads.pubmatic.com www.file.io
d1oykxszdrgjgl.cloudfront.net
9 image6.pubmatic.com 2 redirects ads.pubmatic.com
9 track1.aniview.com player.aniview.com
9 c2shb.ssp.yahoo.com hb.vntsm.com
8 tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
googleads.g.doubleclick.net
8 hbopenbid.pubmatic.com hb.vntsm.com
8 securepubads.g.doubleclick.net d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
7 match.adsrvr.org ads.pubmatic.com
eus.rubiconproject.com
hb.vntsm.com
7 image2.pubmatic.com ads.pubmatic.com
7 pagead2.googlesyndication.com hb.vntsm.com
tpc.googlesyndication.com
d1oykxszdrgjgl.cloudfront.net
www.google.com
googleads.g.doubleclick.net
www.googletagservices.com
7 mc.yandex.com 3 redirects
6 visitor.fiftyt.com 6 redirects
6 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
6 c2shb.pubgw.yahoo.com hb.vntsm.com
6 player.aniview.com www.file.io
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 c1.adform.net 2 redirects ads.pubmatic.com
5 sync.1rx.io hb.vntsm.com
5 sync.aniview.com www.file.io
5 googleads.g.doubleclick.net www.file.io
d1oykxszdrgjgl.cloudfront.net
googleads.g.doubleclick.net
5 ad.360yield.com hb.vntsm.com
5 prg.smartadserver.com hb.vntsm.com
4 cr.frontend.weborama.fr 4 redirects
4 a.audrte.com 2 redirects
4 uipglob.semasio.net 2 redirects
4 sync.crwdcntrl.net ads.pubmatic.com
4 pixel.onaudience.com 4 redirects
4 id5-sync.com hb.vntsm.com
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
eus.rubiconproject.com
4 bh.contextweb.com 4 redirects
4 eus.rubiconproject.com www.file.io
eus.rubiconproject.com
4 ups.analytics.yahoo.com 3 redirects www.file.io
4 content1.avplayer.com
4 prebid.a-mo.net 1 redirects hb.vntsm.com
3 pixel-sync.sitescout.com ads.pubmatic.com
3 pubmatic-match.dotomi.com ads.pubmatic.com
3 image4.pubmatic.com
3 aud.pubmatic.com
3 rtb-csync.smartadserver.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 acdn.adnxs.com d1oykxszdrgjgl.cloudfront.net
3 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
3 search.spotxchange.com hb.vntsm.com
3 prebid-server.rubiconproject.com hb.vntsm.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 optimized-by.rubiconproject.com d1oykxszdrgjgl.cloudfront.net
3 web.ssp.yahoo.com d1oykxszdrgjgl.cloudfront.net
3 csync.loopme.me 3 redirects
3 www.google.com 1 redirects d1oykxszdrgjgl.cloudfront.net
googleads.g.doubleclick.net
3 mc.yandex.ru 2 redirects hb.vntsm.com
3 www.google-analytics.com www.file.io
www.google-analytics.com
3 hb.vntsm.com www.file.io
hb.vntsm.com
2 idsync.frontend.weborama.fr
2 mwzeom.zeotap.com ads.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ads.playground.xyz 2 redirects
2 ad.turn.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 green.erne.co 2 redirects
2 ipac.ctnsnet.com ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 core.iprom.net ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 r.scoota.co 2 redirects
2 eb2.3lift.com d1oykxszdrgjgl.cloudfront.net
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 lb.eu-1-id5-sync.com hb.vntsm.com
2 d5p.de17a.com 2 redirects
2 ads.stickyadstv.com 1 redirects www.file.io
2 track1.avplayer.com
2 adservice.google.com d1oykxszdrgjgl.cloudfront.net
2 adservice.google.de d1oykxszdrgjgl.cloudfront.net
2 tlx.3lift.com hb.vntsm.com
2 script.4dex.io d1oykxszdrgjgl.cloudfront.net
2 i.clean.gg d1oykxszdrgjgl.cloudfront.net
1 simage4.pubmatic.com ads.pubmatic.com
1 lexicon.33across.com hb.vntsm.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 s.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 onetag-sys.com www.file.io
1 u.openx.net www.file.io
1 secure-assets.rubiconproject.com 1 redirects
1 ap.lijit.com www.file.io
1 sync.technoratimedia.com www.file.io
1 ssbsync.smartadserver.com www.file.io
1 www.googletagservices.com googleads.g.doubleclick.net
1 st.pubmatic.com www.file.io
1 track.venatusmedia.com hb.vntsm.com
1 cdn1.vntsm.com www.file.io
1 go1.aniview.com hb.vntsm.com
1 e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
1 player.avplayer.com d1oykxszdrgjgl.cloudfront.net
1 feed.avplayer.com hb.vntsm.com
1 tg1.aniview.com d1oykxszdrgjgl.cloudfront.net
1 hb-api.omnitagjs.com hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 ad-delivery.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
1 stats.g.doubleclick.net www.google-analytics.com
1 file.io 1 redirects
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed hb.vntsm.com
329 120

This site contains links to these domains. Also see Links.

Domain
mrcowboy.com
bid.glass
twitter.com
www.facebook.com
www.reddit.com
www.linkedin.com
github.com
Subject Issuer Validity Valid
*.file.io
Amazon RSA 2048 M01		 2023-01-25 -
2024-02-23		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-06		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-01-28 -
2023-04-28		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.aniview.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-14 -
2023-08-14		 a year crt.sh
outstreamedia.com
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-12-21 -
2023-03-21		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 80 frames:

Primary Page: https://www.file.io/deleted
Frame ID: 7BB9831993EE993B9CF6745CF64DFBEC
Requests: 164 HTTP requests in this frame

Frame: https://e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8D47DCE7D3D7E638B9F3B9667428DD5
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: 411CF6DF0E5B91882409CC5EB004CEAF
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25795E4B973CE9DFC199D040EA7BB65B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38B1C61C78D95F9F56E37E213706C834
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Frame ID: 74FFA222B0A0D8EBF3ADCB9E4EACB87A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: F09180BEF4AC21A98926C82819C584CE
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.vntsm.com/TimeBucks/970x250.jpg
Frame ID: 212DA351140D7C6EE629B19646DE78D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 146A1E77F56BF4B8E53A370CEA3D4A69
Requests: 8 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159234&siteId=703967&adId=2886235&imprId=491CC990-AE53-4843-921D-C3DBA2C9BEC4&cksum=7445F230F8D131AD&adType=10&adServerId=243&kefact=0.011765&kaxefact=0.011765&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1675072535&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.012743&dcId=3&tldId=0&passback=0&svr=BID22622U&adsver=_16601138&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=F5TXYxOFBADTS_J6bDRRLhAvDWAZlfE-9kNyLILcU-pI89SG&ekaxefact=F5TXYyiFBACOdqy3bLcesehc5jpv82L5OjZz2xSipifJ1dFg&ekpbmtpfact=F5TXYzmFBABrU8VjSrZ0XGd9IwukP9EeGOHKxqv5nhuxwMbO&enpp=F5TXY0uFBABjx5XGWbs0ueTMRJEHDAfwL_m8baB0GSAbxi9Q&pfi=1&domId=16921222812304876096&dc=AMS&pubBuyId=14924&crID=643234436528&lpu=cotosen.com&ucrid=3136003832240301077&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=2&wDspId=80&wbId=7&wrId=0&wAdvID=1355857&wDspCampId=132250330206&isRTB=1&rtbId=C0C160C7-5C29-4A5A-91BF-CBAE5A6B3E2C&ver=2&dateHr=2023013009&oid=491CC990-AE53-4843-921D-C3DBA2C9BEC4&cntryId=58&domain=file.io&sec=1&pAuSt=2&wops=0&sURL=file.io&BrID=5
Frame ID: 36762D82DEAC5043F9D06C5AE0BF988B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 951399DBA7F252D3CB7DA9D41B3D3EFF
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=56&pid=5f2063121d82c82557194737&key=d75bf244-1693-4d3a-b25e-9d7235d48250&gdpr_consent=null&gdpr=1
Frame ID: 37E17868B45643BEC134DA867B701A42
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: F7F5492B78256B36FDD4A387AE5009D4
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ca4d4d6aa61fd63ee832d9dfac19eb&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: ABAF1DCBE04F24BAE93323B85490A52C
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: F83B24D0EA1AD51FA7622C6C75CD9325
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675072536156-954188294057-001153-000-008805&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: D207485AE03E68CE0E9F12ACD65A9945
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D1%26key%3D
Frame ID: ABC49C6B8A5702D88E9CBBDF1B431839
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D18%26key%3D%24UID
Frame ID: D72B217A7B89672FC3C5312B02774C5B
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 245EB9EFAE6DE744D559217D99F6A364
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: C44341E24A2D1ACD5345E50E5A562AB1
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D23%26key%3D
Frame ID: 0473C522EA9CBEA96D4729A8CCF7A6C4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 124AC3A352E4577E1906A30E8E3ED325
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=10&pid=59c9148628a0612da3689288&key=kV9onFqB4koD&ev=1&us_privacy=1---&pid=562704
Frame ID: 6F5A81130E192C0E2397E0878BD4B55B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=105&pid=59c9148628a0612da3689288&key=0b98d6e4-fce6-4efd-8d7c-0a038ef78f90&gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 867380D7FACEB4430E21C06D4E8DC338
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: D76384BF38AD706F21B916058D192FBF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&gdpr=0&gdpr_consent=
Frame ID: 8F4EE3784F44C55AE3E9512951D1A028
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4645871933401885513
Frame ID: 4B634B5CED32041CB4A43DA15E81AFAD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F0D1CDBB4C73D81E710157983E504611
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT
Frame ID: BB89DF1CDAE8988BD5272CDC87496ED0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: EF7E10C4A498EA36D3CEF863C1FD4B09
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805
Frame ID: 7B4D993229D909EAB4725A68976F6789
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B15981F9113A83E8EA5905665FA67E30
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: B1EFAB42D97F80CF4EA11E79520BB6FD
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 643434CD0A3CEA56781FB53EBA86A222
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: C4A6A777188F5D62815C572306E98B30
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: C8A0ADFDD5134EEA1D7E8FC7019EE2E6
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5A4B53B60BCB4F053D86876F837CA8DA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 446EDF2399AEA763F5CB7D731F1A6FB7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: EE68F5C282808941BF14C8A7F4B2B0F6
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 566F54ABF9BF39802A247ACB2EE4F66E
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 34C360A90903656BFFE34E68902F4973
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AD7BFEF1A99A7E928371623D041D1199
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Frame ID: 798AD8FD0E1CD84250BAA3F04549C5D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Frame ID: 6C768BD432E9E9C33C50C6C63B23B71D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777738135692&gdpr=0&gdpr_consent=
Frame ID: D96505DBDA50F6EE96A0B0480573FE9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JcActfvVRi150g-nemy_wiU6Ovc
Frame ID: 349B4888D57C27B2AD932F24FCF78D50
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADRUs6ygAF
Frame ID: 2C80D0A4C4CF1F956251E127E0101391
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Frame ID: D7B9E58B5F6B0F154CBC1F6ACADFFA7E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Frame ID: 1301C66AF327181B91BD93AF90420C7A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Frame ID: 0FE7B046069FCAC282D2D9C3FE004256
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737545875&gdpr=0&gdpr_consent=
Frame ID: F13F86F14B20837E9357BF8CD589096B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9af3QhaYTkFY7nEz9KTZjCU6Ovc
Frame ID: 1EDF4C3EE88F4960BC89BBB5220D919F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9eUHAADQ8s6zAAF&gdpr=1&gdpr_consent=&_test=Y9eUHAADQ8s6zAAF
Frame ID: 8AD967E1CB0FC7DD4B90CDF896DD7814
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Frame ID: 134C0B13EA7D67C26C1643A5FD406F6C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 39C854F90349FE0ED59AE32756A6477D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 668EE7C6F3748BC63E432358E2FCD40B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=158198538
Frame ID: 44B3608CE336A39C6D4A4B3CBABF1A15
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 4514C4433AEC0FBC4E8CAABD33191B47
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C09DB7A457E135D695196384D209C0BE
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 9D48A874CAC5F286E306C11D397BBB4C
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Frame ID: B33AD50B2BAB5A2A14214A6524F32182
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Frame ID: 41B39D870FA43C2C3874845AD80C605C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Frame ID: 0E030FEC704D2EBE7AA983E62EF56A9C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737152662&gdpr=0&gdpr_consent=
Frame ID: E95AA5C1143FE72751102C4B64863033
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-TRS6gr4SEF7zVEL1GjvWCU6Ovc
Frame ID: 75C7776AF1892A20E9BD534DAE25A19A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADItcg5wAb
Frame ID: 3A98B1E9637256F55F4EA1C80AE5485D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Frame ID: 3B01AB29178F2B0EAD058D789E6A6758
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 5F7E822996E000EAEF0FE1A818C8E00D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 00468B83DE9F655C25103714153B77B3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5727440244
Frame ID: 43615847FF4259E0D4E4962DA9A4249B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1B7BB02F9B5FB15A802E639BC619568E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: D84E2DC8D0470427B65EB256C018E594
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2BD8FCF02574A0EA2A39891D62BF43A5
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Frame ID: 0C0F3C3EE0F34F14E060B6E707EC9F08
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: FE06AE3394E582BF43A1E1B46C1D658B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 1B135CFC465C208EBE1B224EBB104A49
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
Frame ID: 29F843E85B3B45677D4E7A8307EDA4C3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4E2B7B4CE967FE286CE1464E44EB4203
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 40FC335B311180FE507775B11E77E460
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
Frame ID: 7943AB0D1FDE71B535BAA0525F3BF989
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deleted | file.io

Page URL History Show full URLs

  1. https://file.io/ykjpOJwlvDHB HTTP 302
    https://www.file.io/deleted Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

329
Requests

85 %
HTTPS

25 %
IPv6

76
Domains

120
Subdomains

87
IPs

13
Countries

2640 kB
Transfer

10342 kB
Size

100
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file.io/ykjpOJwlvDHB HTTP 302
    https://www.file.io/deleted Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9899.adYql6zqAK10tk4IaspC367JarPMA1zVLtO6V4gg8QjW2MFuoZvIfyOemoMDVwFa.xuvnHW89p335wb5mVKLNxtW2k68%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9899.dWaXrpkYsXHJ2AXn1UtIJ567LQPyY_CChc6v81bz3PK2RFjLAsE8Oj5KLJekRaf_6ezZIoilC8dcuM7XMHtU1E77OQRsKZLTo5r6u8ZMvio%2C.2IOb_HmBqlwBetb0Kk6LTj1S33M%2C
Request Chain 72
  • https://mc.yandex.com/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A481686359899%3Ahid%3A312873563%3Az%3A0%3Ai%3A20230130095535%3Aet%3A1675072535%3Ac%3A1%3Arn%3A656230736%3Arqn%3A1%3Au%3A167507253515543915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A27%2C22%2C26%2C14%2C805%2C0%2C%2C28%2C0%2C1286%2C1286%2C0%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1675072533124%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675072535%3At%3ADeleted%20%7C%20file.io&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A481686359899%3Ahid%3A312873563%3Az%3A0%3Ai%3A20230130095535%3Aet%3A1675072535%3Ac%3A1%3Arn%3A656230736%3Arqn%3A1%3Au%3A167507253515543915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A27%2C22%2C26%2C14%2C805%2C0%2C%2C28%2C0%2C1286%2C1286%2C0%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1675072533124%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675072535%3At%3ADeleted%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 95
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9899.EFF2HaTGU1BGmT3CGAAa5RzIgfx8n9QCFNid3IOuDQeiy4dyv2YbP3kzuQggcdvv.Iu9xEUIdHRu8doyaQfq43mNo8sw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9899.hXbCyq1X91gTFfmI9nIrpLAeKkrvFImPeHXMe6MxZ4DocNqNcPdiN7qNJJYebsRRDeubD8JhO4Rmvfu8OUI6Nyb0o7Xv5bSub4E1eMJcgxU%2C.5BLySFOm2V9GJhwajUeWS7urjRI%2C
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 124
  • https://csync.loopme.me/?pubid=11398&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D56%26pid%3D5f2063121d82c82557194737%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=56&pid=5f2063121d82c82557194737&key=d75bf244-1693-4d3a-b25e-9d7235d48250&gdpr_consent=null&gdpr=1
Request Chain 126
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ca4d4d6aa61fd63ee832d9dfac19eb&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 133
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 136
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=10&pid=59c9148628a0612da3689288&key=kV9onFqB4koD&ev=1&us_privacy=1---&pid=562704
Request Chain 137
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=105&pid=59c9148628a0612da3689288&key=0b98d6e4-fce6-4efd-8d7c-0a038ef78f90&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 150
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&gdpr=0&gdpr_consent=
Request Chain 151
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4645871933401885513
Request Chain 153
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT
Request Chain 154
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkFEODA3NzgtNEY5Ri00N0M0LUEzQTktNEU4RjVBNkQ4NTMx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOqmO81e_TQjfcc1FsQh4hI&google_cver=1
Request Chain 158
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6936813945336792066
Request Chain 168
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=200&key=[RX_UUID] HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEYAh2yFSLDQO0Af4mo5Guw&google_cver=1
Request Chain 188
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eZbP2SLvQvGEqhWqUOOHgQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eZbP2SLvQvGEqhWqUOOHgQ
Request Chain 189
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIMXT2I-U-938I
Request Chain 190
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTczMmZkNjk5ZGU1ZmU3ODE5ZmM1NjJjODc5MzIyN2Y3MWU0MmEwZA
Request Chain 191
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJTVhUMkktVS05MzhJ
Request Chain 192
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/b2eprWATLykpgYl6VdGBNg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UkruMm9E2oLXC4ukxionvf_Vvhp2zf69ILCQqg--~A
Request Chain 229
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=1rOiYHxrL0lBTUVURmptcjZORmFGQTBMNU5Xd0pFOHFUVDVHTWd4QmdQVUZ3cFFDTnZqdG94UHM2ZVBGcEl4TzNNbzFlc2NxenNQUFdRcEcvV3Y2UTR0bXhBZ29zWW1iTFVNL2Z2TlVlTWtBZ21Ob1hRMHlzTWpaRy9nU2podlJvRFphRG83eW54bjJhVXhKRE80QkI2S0huV0JVMmZDM3JSVURvMVNodERwRDFOMEhMczFhTnVoNW9QVlprcTh3NkZzTlNKYjRqMFFvcFJ2RzFzeXJ2WXl2TndkeHNQZTVJL2FRR3FaN01YbHJ1dm1NPXw&cppv=2
Request Chain 242
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 243
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 244
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 255
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Request Chain 256
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777738135692&gdpr=0&gdpr_consent=
Request Chain 257
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JcActfvVRi150g-nemy_wiU6Ovc
Request Chain 258
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADRUs6ygAF
Request Chain 259
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHbWYwN0hyeWdBQUI4Ymt1RUg5Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFaK07HrygAACBcxlwnTQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7418194950593606653&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFaK07HrygAACBcxlwnTQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7418194950593606653%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7418194950593606653&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFaK07HrygAACBcxlwnTQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=atgHeE-fR8SjqU6PWm2FMQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 261
  • https://pixel.onaudience.com/?partner=214&mapped=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f386cb86445fe071/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 262
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
Request Chain 263
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=75bf4a3c-8054-40c6-b92b-3f8dae56a524&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 265
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=atgHeE-fR8SjqU6PWm2FMQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 270
  • https://pixel.onaudience.com/?partner=214&mapped=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=307f84046bf1db67/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 271
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
Request Chain 272
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Request Chain 273
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084923545697175&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 274
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737545875&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
Request Chain 278
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9af3QhaYTkFY7nEz9KTZjCU6Ovc
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADQ8s6zAAF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9eUHAADQ8s6zAAF&gdpr=1&gdpr_consent=&_test=Y9eUHAADQ8s6zAAF
Request Chain 281
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFSLXhrN0hyeWdBQUJfMGY3TEFiZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFaK07HrygAACBcxlwnTQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5893617397444277031&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFaK07HrygAACBcxlwnTQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5893617397444277031%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5893617397444277031&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFaK07HrygAACBcxlwnTQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Request Chain 283
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 284
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675072540188 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=158198538
Request Chain 286
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 288
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Request Chain 289
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:17ca8222-a5d8-4e7a-9fd0-5bc7d00bf5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 290
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8369655134954053058&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 291
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=atgHeE-fR8SjqU6PWm2FMQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 294
  • https://pixel.onaudience.com/?partner=214&mapped=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9583fadb25f29c6dee891e224e4d8cc6&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 295
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
Request Chain 296
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Request Chain 297
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625986601802&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 298
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737152662&gdpr=0&gdpr_consent=
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
Request Chain 302
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-TRS6gr4SEF7zVEL1GjvWCU6Ovc
Request Chain 303
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADItcg5wAb
Request Chain 305
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGYUswN0hyeWdBQUNCY3hsd25UUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFaK07HrygAACBcxlwnTQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1876881905400050493&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFaK07HrygAACBcxlwnTQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1876881905400050493%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1876881905400050493&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFaK07HrygAACBcxlwnTQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Request Chain 306
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b7d8fdfd-624d-45e0-9eb5-d94c642ae01d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 307
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2460650948867251650&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 309
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 310
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
Request Chain 311
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675072540188 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5727440244
Request Chain 313
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 315
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Request Chain 327
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
Request Chain 328
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 330
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531 HTTP 302
  • https://a.audrte.com/p
Request Chain 331
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4086358715 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
Request Chain 332
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 334
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531 HTTP 302
  • https://a.audrte.com/p
Request Chain 335
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1049187492 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
Request Chain 338
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=

329 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request deleted
www.file.io/
Redirect Chain
  • https://file.io/ykjpOJwlvDHB
  • https://www.file.io/deleted
439 KB
111 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ceb24d9bf634b034bc20d2321e7c4cf29d2b82572754612308e02bfa7a43a79f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29493
cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Mon, 30 Jan 2023 01:44:01 GMT
etag
W/"dcd54f24d9946be4664b61b5de3eb6f9"
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-cf-id
HolvzvYrd0euOXfknzjCqFcMdttsA1oKW_RCanilzzi-4Gpce58Xeg==
x-amz-cf-pop
FRA53-C1
x-amz-id-2
5KdCyXbRexTfzZze+h+dnjkYTH/e7FUAu/BZJzlKBHa925G/zyBeKQFz7qY+1KGP5fylZu73O5w=
x-amz-request-id
1TVACK6PNN1XPF7N
x-cache
Hit from cloudfront

Redirect headers

access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length
98
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:33 GMT
location
https://www.file.io/deleted
retry-after
60
vary
Accept
x-ratelimit-limit
1
x-ratelimit-remaining
9
x-ratelimit-reset
2023-01-30T09:56:33.411Z
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
6874ae9768713bc153ca59dbb900d5b69e3169878b19a386aa53468beac8e531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:34 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-cachedat
01/27/2023 14:19:17
cdn-pullzone
131999
last-modified
Wed, 25 Jan 2023 17:18:49 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"e0bb97052f1d0c0a27f5eeb3aa32a641"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
b74eabf9cc18442418b5c0b24a0e6935
cdn-requestcountrycode
RU
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 30 Jan 2023 08:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3644
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 30 Jan 2023 10:54:50 GMT
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/deleted
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 01:17:34 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:47 GMT
server
AmazonS3
x-amz-request-id
4FGRTFF0605TC195
x-amz-cf-pop
FRA53-C1
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
age
981481
x-cache
Hit from cloudfront
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
324864
x-amz-id-2
DRbfIXbgRc9nmjlChBTVO0+TEm1X/TnwFJvkr+ScSn8mvLiua71o9pRoCJhYIptAHJbqDhKkHGM=
x-amz-cf-id
oqKNEjiFQRU2qMRtXDM1ZaYPgSHjqpcHuVN_3KbMhG41fS9f4nyofA==
app-94ab6235bc4552ec45d3.js
www.file.io/ 		651 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-94ab6235bc4552ec45d3.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 01:19:46 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:39 GMT
server
AmazonS3
x-amz-request-id
KDHFC2F0Q034BTVR
x-amz-cf-pop
FRA53-C1
etag
W/"d5b96f90610fd0e66fccb62435e7f262"
age
1413349
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
kDAllPGwlc4SWyW9gEz1eMs3qQbbOSUTa1aM6RN8dwuCW8kwCzuwVw==
x-amz-id-2
0Jqie3ZTI1MQg8LPyMBOTqirEuvtcHatxtorSy/C2VxaUPVyKxJ3udL0IX7OCDBrfpW/59/uyAsAWfMVntE3PQ==
0eceb729-761e2b4090024f08e2ca.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-761e2b4090024f08e2ca.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 00:22:46 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
5N9013S403ZGT5MR
x-amz-cf-pop
FRA53-C1
etag
W/"d8fa3e295945b4065c7adabadd2be99b"
age
1675969
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
FQkFeRKbE_3IUTMzrxWsr3oVuznCVIZDXlsQrYMywy6NE352ky_AxA==
x-amz-id-2
TPyY/6h78ld+mkH3p1VkEu2Od8AMJOb8wzHkHFbAZ9IEs73G8fViJoKGg6zsWGiZfDTjcMVKhaw=
d6a9949e-4e9c210da2d83a376ddb.js
www.file.io/ 		51 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-4e9c210da2d83a376ddb.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 00:26:30 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
CVSJ9VXZEP1QP6CT
x-amz-cf-pop
FRA53-C1
etag
W/"2feda6389a53a29ad5102ef7918752f6"
age
1416545
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
3OCz4r00gr77ST1v4qr-bnxuqtiBemZmO3_TB1ilp_rAujp1a9xu0A==
x-amz-id-2
3b6/nzulmYw1nqM3PzaJZcSlJztmTzct/Dlrj4NLvuCMGxM1b1qkFiQmEqyLIOL///c/+7iT65o=
e82996df-3c73e38611643c5bb219.js
www.file.io/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-3c73e38611643c5bb219.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 00:27:13 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
C17JGGMETQC3EA8H
x-amz-cf-pop
FRA53-C1
etag
W/"785aafc2bda0f767992456b4ba1b0627"
age
725302
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
SBbIC1Y4d9B4WWSFN7x-FX_a7toI84A-JRIhrkT-Z8htdStucrayZw==
x-amz-id-2
qX7CYPDcKnICIO53BDqekCPT2kjBbsDIYEcHCOHMpG3RhBXfe81noscewwYoa8kFBJzeWME3do8=
framework-8fce40ee519418a713c9.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-8fce40ee519418a713c9.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 01:18:30 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
x-amz-request-id
E5YBDK1PNVEFSGW7
x-amz-cf-pop
FRA53-C1
etag
W/"c4a5f7717ceee6ea81514ff62873ada9"
age
1931825
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Bi4K7Dfrlm3zf-X1MsLmNf8uuFLEz8ZBrOTofqp7uc8HQmYctZlPKQ==
x-amz-id-2
MOGgScAN0cGtS39aS2P+Mnpc7xNscVFJ4wzlDN9PnEpo9MU9jcq+EwlOj4gfIZIlPeJjJ1onTjhD0+UnIAwimQ==
webpack-runtime-e85adc3f73c70220e1cc.js
www.file.io/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:11:00 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:47 GMT
server
AmazonS3
x-amz-request-id
8H22GD8HC73B1FT0
x-amz-cf-pop
FRA53-C1
etag
W/"a0b7944440774d5a3e8f33e901ae323f"
age
2184275
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
V-rzcdOh82aZ_-hl5XN68IRS_ptmGY4Fl6Q90PQz4xmZXDDz75so6Q==
x-amz-id-2
4jstbOo0t8fyCfrrK8ZjnWtVd7vYVx7KoOeXhOzahULTWj0NuMDxIuxH887FzRSxKeTgg8eQu2w=
app-data.json
www.file.io/page-data/ 		50 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:57:13 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
TPW9ANMWFWHMRXWW
x-amz-cf-pop
FRA53-C1
age
14302
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
8h3MtyfviidBWDWvbHShhUxIVnI24NCDXNCkUJZoQ2rePm40L/RBnu26V4TaM07I68AbqJnxthk=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"8560808e9c37804e4c72d09857f5dca0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
TVCwYzC2ngQQL7PScgY48EWVX2vxBYWUhBhCFF3i9BAKS6gT052WmA==
page-data.json
www.file.io/page-data/deleted/ 		152 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/deleted/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 03:21:34 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
CA2XG8Z4C2A29F1V
x-amz-cf-pop
FRA53-C1
age
23641
x-cache
Hit from cloudfront
content-length
152
x-amz-id-2
iUH1gNiHIJx2YPJUdKxOMGwOe6CeDqqa4T2jz2H/eMJHTl0wCS3D5Xw71TU4GpaPcvUeCvJ/KII=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"728a4f433ef9bed1433eaa226cad06d0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
SMgn6PvEV1KS05Fm-DY-McyWcU0Sk-vQlBUSc7Abk_oCJOeF0oqP1g==
cb1608f2-e216539eabbd5925fc79.js
www.file.io/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/cb1608f2-e216539eabbd5925fc79.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:18:57 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:40 GMT
server
AmazonS3
x-amz-request-id
0WT7MFXJ3R79JXE7
x-amz-cf-pop
FRA53-C1
etag
W/"67e460d9dbcf3a954ab115654390d3d7"
age
2183798
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
xiGM-pOd144tk3UqiWm58Gi_Gi7e8fTro2OyubOoc4xO4-WEqAce3g==
x-amz-id-2
aVcaOeDoX5t3N5ixnHetwDOeBqpUwn66A8+8hv/2nCizm3olW9loULnuUezliYx/GZsZ6DHA8PI=
a9a7754c-f1b5f9c5144f62adc766.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a9a7754c-f1b5f9c5144f62adc766.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 00:50:48 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:37 GMT
server
AmazonS3
x-amz-request-id
MQPXAB6BMNYV4DZ3
x-amz-cf-pop
FRA53-C1
etag
W/"4ae04cdf11989fa265bb8cc9b598298f"
age
1242287
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
n_aC_aXNpNen8ZXTnF3_H2NzsGv-giBB3KLgHXMxzlfLsWPZ-n2LEA==
x-amz-id-2
vTKPpwdcKSKK59w82n7DI28+EZH8+E4QKdMEt7nE4YFbuXeEE5ybkDAlIyDOtLhQuLFc9ECRf1Y=
381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/381417c15e948e10ceded78bff93c5a25db3efa3-2d94fedc279a22390bf3.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 00:43:19 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:35 GMT
server
AmazonS3
x-amz-request-id
8TNW1SCG2KPY3SWX
x-amz-cf-pop
FRA53-C1
etag
W/"9c41c9970ebc8fe4c98c8f02b631cd07"
age
983536
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
0iFxTrSdWyMz7mpkAuppZEMOo1YScvVZDEBfKl9LdrjXwPEumPPfbQ==
x-amz-id-2
+RqZMILRZQQPLDZZBMjnPjPa3O/reIH8ASq1e7Zez2/VtNaVb5CQ3ekHRDl135q98AmTsTuzizE=
a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/a874c63d384a247abb93b2eff37b6f661aa3cb57-5cfe5a4092f64f208325.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 00:26:31 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:37 GMT
server
AmazonS3
x-amz-request-id
ZRTH123J38CRGS70
x-amz-cf-pop
FRA53-C1
etag
W/"2b921aab089ea83ec7bb825f970e0b68"
age
638944
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
UHBLLBhxn8fm2Byawa4zxLIs7lVqhamK8oRoA2PrYPy3v6kW6nSLww==
x-amz-id-2
6UWtlXkAkOgC81KAmx0I2bTb0Uht1sddKjqVU5kwbgydA+9PQ4rjOrE+cA/pA4SnTZim2QxEZa8=
6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/6043c7ae7d033d369a2fc1db82212855efeac9f9-0c41508d128eae5ff268.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 01:05:03 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:36 GMT
server
AmazonS3
x-amz-request-id
XJSBJQ4M4TG6M60Z
x-amz-cf-pop
FRA53-C1
etag
W/"02f76c7d444e6eab701d07bea36dfd50"
age
1500632
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
gKbfneHa4jEvBeDK4QdzSYm_wUKwx9ViauXQD3LUvzICMBxrzNIJ8g==
x-amz-id-2
6O/LznFOxPoGYi6kNMoRXFxfEI9iqj3K3T5Hn6gysV3Ga/z3V6+mAQuS7cQqPytNygJQa8lkcUw=
ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
www.file.io/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-6ae9c8365097e016cebe.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 00:26:31 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:43 GMT
server
AmazonS3
x-amz-request-id
ZRTQSSXYPYGGCNRJ
x-amz-cf-pop
FRA53-C1
etag
W/"83f8c9e26a69db93869cfcef32de2315"
age
638944
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
SyTEF3fi6N5Zyh0pbI_I3kTgsvEae1-r7yd3Pv1IrFmfYpBxzsJgfw==
x-amz-id-2
Qml9ScRnQbg/NIaiSou6bn/eDBUlrkCRSGuEBPtSEGn6X/9/KVkUiMWvdSH5ks2XsklTiZ3M9Qk=
component---src-pages-deleted-js-5722fd90ebe96ef888eb.js
www.file.io/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-deleted-js-5722fd90ebe96ef888eb.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-e85adc3f73c70220e1cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7644bc819a01d32c6850d97e70779351138612c2cb63af9a95cc048441170a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 04:07:13 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
GRARCN5HPY365XN2
x-amz-cf-pop
FRA53-C1
etag
W/"3546f418175eba4bde29ef79090a1c6c"
age
2008102
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
SFLMK7rQ_ijcH2rKvlR62SdVAGs1xldSNUFGew4ldxdBauqAQ-Ktsg==
x-amz-id-2
Xqnai12en11O+DGLDX44vmc76ujFfv2yZ+aG0dE60Zkva5V0zlKnqUzHuoqsLkc0YfI/VWB614JzSectLgHuhA==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 03:04:19 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
6EY9B2Z65YTE1NX6
x-amz-cf-pop
FRA53-C1
age
24675
x-cache
Hit from cloudfront
content-length
447
x-amz-id-2
6lvphRF16DDcSr+lx9KysAwZbne0zM5RAuwJ75EGY+RDUykFetYwIc1Y+GbIXjgd5347inBi8wg=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"c839c57483bd5d788408e7fc88e7cc8d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
qBxtRBT7SytNwkeUpOI09jY-XpdE_H3Ek2zS4rRLZ19sSy8psXLjLw==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-94ab6235bc4552ec45d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 06:10:16 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
x-amz-request-id
AERN4Q5TY8T2H72Z
x-amz-cf-pop
FRA53-C1
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
age
13519
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
D_68ozVVnC9-6i6CAS4RQTFRPTrp6-3pncHgQHVooeDPGer6-cybfQ==
x-amz-id-2
HfBs1uHBDt/NjC9zMsqVj9KRMBeW/zOdu1TsScoARl9BCb9kFtMBO9YPpkmejluo4t2Nj1zGpO1wxuncAJ28BQ==
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2127343964&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&dp=%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=218409936&gjid=261512697&cid=1166269738.1675072534&tid=UA-65658019-1&_gid=352518577.1675072534&_r=1&_slc=1&z=1909190698
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-65658019-1&cid=1166269738.1675072534&jid=218409936&gjid=261512697&_gid=352518577.1675072534&_u=aEBAAEAAAAAAACAAI~&z=752619100
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 30 Jan 2023 09:55:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
RU
cdn-requestid
c8ade634c4eff988607c1df71b1f7f4a
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Mon, 30 Jan 2023 09:55:34 GMT
server
BunnyCDN-DE1-1078
x-bl
0
content.html
hb.vntsm.io/ 		32 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:34 GMT
cf-cache-status
HIT
x-amz-request-id
SQ3ERJ7JTQE6TAD2
age
4376
content-length
32
x-amz-id-2
AjgekodoibLi+PEY+Y9epPcj1CDpaolNH8k3XiyA3Mj6XDSabf6oXEk8nnp1eUPEaSeZotabSa0=
geo
DE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7919552c1ed030cc-FRA
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ 		39 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
aa92025db7d6e619e6251e77dd26f5266bd18bdb3cd110b06b4ac6250762dc92

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
ref_url
aHR0cHM6Ly93d3cuZmlsZS5pby9kZWxldGVkLw==

Response headers

date
Mon, 30 Jan 2023 09:55:34 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-cachedat
01/27/2023 14:27:11
cdn-pullzone
131999
last-modified
Fri, 09 Dec 2022 15:41:50 GMT
server
BunnyCDN-DE1-1078
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"f22a972c9769c5941b943c4fab8a0755"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
874ba6276cc6f4e28e1b1a86fa926a6a
cdn-requestcountrycode
RU
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2127343964&t=timing&_s=2&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&dp=%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1285&pdt=15&dns=27&rrt=804&srt=26&tcp=22&dit=923&clt=923&_gst=908&_gbt=1028&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=1166269738.1675072534&tid=UA-65658019-1&_gid=352518577.1675072534&z=988763029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 02:05:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28178
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		211 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-11ffd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73725
expires
Mon, 30 Jan 2023 10:55:34 GMT
px.gif
ad-delivery.net/ 		43 B
939 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
675927
x-guploader-uploadid
ADPycdshmNfNRzzk2Y8lksC53mmeyRqOnx7GMrCkgwpMysQiOHYUu8VJ-t7ke5irK9RQaWmSGh09EyEwSN9zMzQz83QZEQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYqR8IiDfADvY067qj9t9apDrXQgroUvBBNFldFTh7w4J0AO%2FKTqo%2FEbzRAacGrG22j4XiRktDUHYPtoKubyjw6uBpNZeDEhBkYf5P5zvJ0NBhHREJCWfbkfaBW7xgShVy2cFSv0%2FreDhkdSww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7919552e6fbf9238-FRA
expires
Sun, 22 Jan 2023 14:16:49 GMT
script.js
d1oykxszdrgjgl.cloudfront.net/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fe00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
749bfb9120cf715ec4345dac709b503c78d1c3d97ad212547e1defc8a055643f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:46:12 GMT
content-encoding
gzip
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-version-id
jkjY7lzM9fsdrrXlQzeVar.fIBMU0RzK
last-modified
Mon, 30 Jan 2023 09:20:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
563
etag
W/"e2ee4251d931b88af613ffdcde9b7160"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
Y3dbTOVObG6J-duxTmMmIbwxfw2V3B1x0TwQQPgCRKEaPrx4A1GAjA==
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 30 Jan 2023 09:55:34 GMT
server
nginx/1.21.6
via
1.1 google
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a26780461fa5b189686ca3891aeed135a2c599eecb4d1c80a6b0f3b2e91bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27567
x-xss-protection
0
server
sffe
etag
"1467 / 280 of 1000 / last-modified: 1674860937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 09:55:35 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 09:55:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
494662
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgHayYilcyqmLLzf%2F8RRmfBpIBRWkebbgdtYkBVTucgqMU8AIyh10kkHezmJ6zm%2FClDqGAckK%2B6FP4DdikHi%2Fp%2BT8mzWFAC%2FSP8Sz%2FfIB3JZLUtoNttcBP%2FZgzD0JD7g2azSgPnjpt7i0yZt"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
791955300e3e5b68-FRA
prebid
ib.adnxs.com/ut/v3/ 		137 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1d3f046c7bfd5e811eb5f1427f39da44c93c378c535ae46f48067c88b7e1efc7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:35 GMT
AN-X-Request-Uuid
295fe37d-d3d2-4538-9a75-447eee7282df
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 09:55:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
44V0SA1Y42KEB4E3
Age
600905
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
+pq1lvrkHjoKj4hH9iBM94LvZjdhbwnhfhzQnEJaI3PAQJT5LdD71OEUJbMgnjw4Ga5dojmyyOQ=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghfjL3D138%2Fk3LFHOrxAw7k2Y5dsYwwQoByhBw00RlbSp30TwpxgYHC9%2BjK3%2FgJxNprNc4aeE%2F7DFiXEHuhdpDMsdAmkyBWV%2FchU0QFqybL39Ux5gvCMSbcAd4VfO%2Bx89iHmZkstjexmJDNX"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
791955305c63995c-FRA
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
738f71066bfaee46ca77395f9b9bc7ef41fc7bc037c58c6cf2c845c3c16f66f2

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=%208a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
474d6a7493f88db6d3e1ba313270bcd9d561b94f91d30dcffacfd7fa065440c6

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bb386b4289ffa2aa281003e2b0b117747da67593eb6d6fd6564f88351b7593da

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
db0b1156487f684eed9b5e2c91e5c9fd79ca1bc191a5eea01d422ef4a5e9b437

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e260fc202e4&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b2ad6306a9b60dabd28e33d3d4c623276076c9341c162561c2abd23d12461aaa

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e2535a302e2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e24135f7c7b26e267e3186ce8163f78e9a5bfc95a8715e649b9f1fc186b82dc6

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96956701777748ce2a4e25945002e3&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
af8f0560cfb3454b16571917355e9d4c7314f4bc0a8d866851c3efa5a72db629

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e267bcc02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
beef9a37e3f19f8cd09b62edbb5b98f94a8f8feb50d5ba5823061f21224c268a

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.241.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-241-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
accept-ch
sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
a1d8022da4a5d9d93dc21f779bb4ac8f8e2f2b2ba9c7c4b9a08d4c7f122b8c1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
pb
ad.360yield.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.186.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-186-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:35 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
translator
hbopenbid.pubmatic.com/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5521874c37ed12464dedc6b69a7cf449bcce25ed0c93bf64ee2908ad9abb65e3

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6401dd6a5003b1d2015c92d9e3de73642c3b353833829ad13bbdfb5eaf4ef78b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:35 GMT
AN-X-Request-Uuid
5381e7a8-ada1-4d4d-97e7-80cee68dff65
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
249
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9899.adYql6zqAK10tk4IaspC367JarPMA1zVLtO6V4gg8QjW2MFuoZvIfyOemoMDVwFa.xuvnHW89p335wb5mVKLNxtW2k68%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9899.dWaXrpkYsXHJ2AXn1UtIJ567LQPyY_CChc6v81bz3PK2RFjLAsE8Oj5KLJekRaf_6ezZIoilC8dcuM7XMHtU1E77OQRsKZLTo5r6u8ZMvio%2C.2IOb_HmBqlwBetb0Kk6LTj1S33M%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9899.dWaXrpkYsXHJ2AXn1UtIJ567LQPyY_CChc6v81bz3PK2RFjLAsE8Oj5KLJekRaf_6ezZIoilC8dcuM7XMHtU1E77OQRsKZLTo5r6u8ZMvio%2C.2IOb_HmBqlwBetb0Kk6LTj1S33M%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9899.dWaXrpkYsXHJ2AXn1UtIJ567LQPyY_CChc6v81bz3PK2RFjLAsE8Oj5KLJekRaf_6ezZIoilC8dcuM7XMHtU1E77OQRsKZLTo5r6u8ZMvio%2C.2IOb_HmBqlwBetb0Kk6LTj1S33M%2C
date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 30 Jan 2023 10:55:35 GMT
spt
tg1.aniview.com/api/adserver/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=fa92ea788ace22f87e72f5ce650c1f91&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
ec723a0e6ead648aa6e71f9c4b3742c6f5ccfdae32201483ccc27c1eb44fde66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKfE3p4GEocBCiRmODVjODQwYi05NGQ2LTQwNGYtYjYwYi01NzAyMDJmNjIwMzAQgMaC9OXi/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkZmJhYTkzN2ItZjc2NC00NDRjLTg0YWItMWViNGM0ZGRlNDNlGIMwIhgIAhIUY2RzMjIzLmZyOC5od2Nkbi5uZXQ=.Jnr4YUYEBjazPuLsnNWOi1yLfD9TKvPQWMFKO2NO4ZA=
x-hw
1675072535.dop164.fr8.t,1675072535.cds280.fr8.hn,1675072535.cds223.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
content-length
6147
pubads_impl_2023012501.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f368aa8ed1ff20a7f45f67285eb393b6b164a71826955217eaac1aa54c31980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 09:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 07:21:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		849 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.file.io
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c7d82278a8071ddf81a2b724897239f3bca0da1558ee394110c2fa3685a1d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363
x-xss-protection
0
expires
Mon, 30 Jan 2023 09:55:35 GMT
get
feed.avplayer.com/backend/ 		4 KB
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=636a37af05e5617b262a5a52&AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy / PHP/8.1.13
Resource Hash
28594bbf0b03e8fcfdb222e167617ea75fd944a8bffdefd86356b0833658e235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-powered-by
PHP/8.1.13
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
20
content-length
710
expires
Mon, 30 Jan 2023 10:55:35 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKfE3p4GEocBCiRjNTg2MjU4Zi1jZGY0LTRjZjktOWE2ZC01Mjg4N2I0MDllODAQkNjW+Kvg/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KMjYAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMDBlZWEwNjgtMzcyMi00ZjYxLTkwMjYtMzJhZjRiODRlNjY0GI7fAyIYCAISFGNkczI0OS5mcjguaHdjZG4ubmV0.czSpExx1rokCTNnCs2c8OW+ZLAwlLMd+EEESHMSesbE=
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
vary
X-Goog-Allowed-Resources
x-hw
1675072535.dop211.fr8.t,1675072535.cds156.fr8.hn,1675072535.cds249.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1675072535230&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=IntentIQ&d66=7&e=playerLoaded&cpid=636a37af05e5617b262a5a52&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691f4017675f6edaa09248f6e02a0&pos=8a96907201777748ca014e272ea102a2&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
26e634f65b75da69fdda18faae1c3cbca9e4e9b9b6249386c716bd22e509eebc

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
80
prebid
ib.adnxs.com/ut/v3/ 		139 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c9a88f9b9cc40fdb1097ff2a759fb2175927c6cf67bd1e885da000d8969799ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:35 GMT
AN-X-Request-Uuid
3a7e7571-b71b-47b1-9061-d1c115ddc0d6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:34 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.241.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-241-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.186.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-186-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:35 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=221045085483387&correlator=4260211222789615&eid=31071825%2C31071971%2C31071603&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fifs&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=394511061&didk=996279706&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675072535254&lmt=1669217203&dlt=1675072534007&idt=1204&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1166269738.1675072534&ga_sid=1675072535&ga_hid=2127343964&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4323924254159e56d02d83c053a8173c40086d0665c4c274f9fa302c8f4559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
618
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012501&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c03c1b18c1718f5cc9f186a87574a6692eb056295bbb55db492f2ee1b3967c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11241
x-xss-protection
0
container.html
e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8D4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:55:35 GMT
expires
Tue, 30 Jan 2024 09:55:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023012501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023012501.js?cb=31071971
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b429a2cc9ff16c152674cf66e0fc48e5e356fd8e9ef154c31e5cdf890c51238a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 17:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 09:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Jan 2024 17:17:34 GMT
1
mc.yandex.com/watch/90916604/
Redirect Chain
  • https://mc.yandex.com/watch/90916604?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A...
  • https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%...
435 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A481686359899%3Ahid%3A312873563%3Az%3A0%3Ai%3A20230130095535%3Aet%3A1675072535%3Ac%3A1%3Arn%3A656230736%3Arqn%3A1%3Au%3A167507253515543915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A27%2C22%2C26%2C14%2C805%2C0%2C%2C28%2C0%2C1286%2C1286%2C0%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1675072533124%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675072535%3At%3ADeleted%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
fc02fcb07ebfd4d72bffee96134897bccab2ed814c7105a7519a5c2de4e1aa7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 30-Jan-2023 09:55:35 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Mon, 30-Jan-2023 09:55:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 30-Jan-2023 09:55:35 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/90916604/1?wmode=7&page-url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A918%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A481686359899%3Ahid%3A312873563%3Az%3A0%3Ai%3A20230130095535%3Aet%3A1675072535%3Ac%3A1%3Arn%3A656230736%3Arqn%3A1%3Au%3A167507253515543915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A27%2C22%2C26%2C14%2C805%2C0%2C%2C28%2C0%2C1286%2C1286%2C0%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1675072533124%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675072535%3At%3ADeleted%20%7C%20file.io&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 30-Jan-2023 09:55:35 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.file.io
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		540 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=221045085483387&correlator=4250677057853452&eid=31071825%2C31071971%2C31071603&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=2&adks=395328344&didk=1786973171&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D6373734998fb531abee85aca-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D15123943c644b68d38d9bf086317a4d6%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DRU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D160x600%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dda4c4f1d0fe250eaf8a9365bef52f696%26st_ty%3Dvert%26bf_br%3D18200000%26af_im%3D18200000&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675072535384&lmt=1669217203&dlt=1675072534007&idt=1204&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&ga_vid=1166269738.1675072534&ga_sid=1675072535&ga_hid=2127343964&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b168560168b9aef52b885fa8740f55db537de961cc6ac00462e1576d25b95bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		539 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=221045085483387&correlator=1311115906217853&eid=31071825%2C31071971%2C31071603&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=3&adks=3195751161&didk=1404112648&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D637370d898fb531abee85aab-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D15123943c644b68d38d9bf086317a4d6%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DRU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dda4c4f1d0fe250eaf8a9365bef52f696%26bf_br%3D18200000%26af_im%3D18200000&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675072535405&lmt=1669217203&dlt=1675072534007&idt=1204&adxs=436&adys=993&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1166269738.1675072534&ga_sid=1675072535&ga_hid=2127343964&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84f631154065af94f16866b7434f9a00a54ca2711c237a9e648253ce23e76ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		539 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=221045085483387&correlator=4242584625447925&eid=31071825%2C31071971%2C31071603&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C970x90%7C970x250&ifi=4&adks=1730059992&didk=632355589&sfv=1-0-40&prev_scp=hb_pb%3D0.02%26hb_adid%3D637370bb889c301e8e7ad53d-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D15123943c644b68d38d9bf086317a4d6%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DRU%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-09%252015%253A41%253A49%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.6%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3Dda4c4f1d0fe250eaf8a9365bef52f696%26bf_br%3D18200000%26af_im%3D18200000&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675072535407&lmt=1669217203&dlt=1675072534007&idt=1204&adxs=436&adys=263&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&frm=20&vis=1&psz=970x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1166269738.1675072534&ga_sid=1675072535&ga_hid=2127343964&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec9db248d8e4622ec4c1a7fccbe721f8f8afc922a0ed873a2f2a15cbef344733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
ctrack
track1.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cpll&cb=1675072535440
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.246.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-246-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 09:55:35 GMT
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		43 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=6374f8665f2f007d23421195&AV_TEMPID=62f50abe103ae32adf5785c8&cid=6374ee512c8ca8606841c0a8&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
x-guploader-uploadid
ADPycdsY2ZMY_sr1M8gBQM5FLk6sT5Zxc8gdDY6iTpORW1uUYzhnnji7_GEC6Eldkupy-4P81jcMmILLIaEZNMEO70j8ne3iUp8_
x-goog-storage-class
STANDARD
Content-Range
bytes 0-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
13496024
x-sp-metadata
HS256.CKfE3p4GEocBCiRlMTJiYjgwYy1mMmQ3LTRmNjItYWU5Ni0yZGYyNDU5YTU0OTUQuNb12vfT/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KMjYAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGi0IARIkZGRmNmNlMGItMjQ5NS00MTNiLThlNzItMzE5ODlmNjE2MGRjGNjdtwYiGAgCEhRjZHMyNTUuZnI4Lmh3Y2RuLm5ldA==.mA6fghWs9oWm6yztcVhuDc+4fH4+Hmx58s+ExJJnCOw=
last-modified
Tue, 19 Apr 2022 15:55:06 GMT
server
UploadServer
etag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1675072535.dop211.fr8.t,1675072535.cds156.fr8.hn,1675072535.cds255.fr8.c
x-goog-stored-content-length
13496024
accept-ranges
bytes
AVmanager.js
player.aniview.com/script/6.1/ Frame 411C 		439 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
2e4a182f95bcce3716c6a9580fa8bd94a35c256172550cb7f39a4a27e4d5505d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKfE3p4GEocBCiQzNzc4ZTIyZi01OGFlLTQ0NTAtODgyZS1jYTRkYjMwNzM5NGMQyIKixK/g/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNDEwOTI5YTgtNWIzZC00Y2Y3LTk3YTktNTY5OTc1Y2RjMTA1GJOuByIYCAISFGNkczI3NS5mcjguaHdjZG4ubmV0.Hrcv5aqQfFjrHnF1Nnovw0g8UXGqFeSNkzw7NGoabRI=
last-modified
Sun, 29 Jan 2023 13:25:47 GMT
etag
"1674998747"
x-hw
1675072535.dop164.fr8.t,1675072535.cds280.fr8.hn,1675072535.cds275.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
120595
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		30 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=fa92ea788ace22f87e72f5ce650c1f91&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_VIDEOURL=https%3A%2F%2Fcontent1.avplayer.com%2F6006a32f94a1ea4fe84a39a6%2Fvideos%2F625edad12c2bbd0fa201f6f6%2F625edb3e2d0dea26100d8f63%2Fvideo.mp4%3FAV_TAGID&AV_TEMPID=62f50abe103ae32adf5785c8&cid=6374ee512c8ca8606841c0a8&pid=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&d36=6.2.77&responsive=1&sver=4&avtoken=535601&omv=1.0.1&AV_D65=IntentIQ&clsid=6f2e73ac-7975-4862-bb4d-33ab104d0fad&rando=44&AV_WIDTH=440&AV_HEIGHT=247&AV_DNT=0&cb=1675072535603&wfc=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-180.compute-1.amazonaws.com
Software
/
Resource Hash
4fde17f51a8bc827005be42da22c2d825454440af4fe99fcf5dc03f06f4c80a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 18 Jan 2023 20:08:56 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=&d36=6.2.77&apppkg=&fv=1&proto=https&d65=IntentIQ&clsid=6f2e73ac-7975-4862-bb4d-33ab104d0fad&rando=44&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&e=inventory&vi=100&cb=1675072535602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2579 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:21:00 GMT
expires
Tue, 30 Jan 2024 09:21:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 38B1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ffe79e95ec3459895b737c8734438de45f61c84e8ad001fff0547a6aa470bfd2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8OHyg8dnm827JW5B9YLd1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-8OHyg8dnm827JW5B9YLd1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:55:35 GMT
expires
Mon, 30 Jan 2023 09:55:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9899.EFF2HaTGU1BGmT3CGAAa5RzIgfx8n9QCFNid3IOuDQeiy4dyv2YbP3kzuQggcdvv.Iu9xEUIdHRu8doyaQfq43mNo8sw%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9899.hXbCyq1X91gTFfmI9nIrpLAeKkrvFImPeHXMe6MxZ4DocNqNcPdiN7qNJJYebsRRDeubD8JhO4Rmvfu8OUI6Nyb0o7Xv5bSub4E1eMJcgxU%2C.5BLySFOm2V9GJhwajU...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9899.hXbCyq1X91gTFfmI9nIrpLAeKkrvFImPeHXMe6MxZ4DocNqNcPdiN7qNJJYebsRRDeubD8JhO4Rmvfu8OUI6Nyb0o7Xv5bSub4E1eMJcgxU%2C.5BLySFOm2V9GJhwajUeWS7urjRI%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9899.hXbCyq1X91gTFfmI9nIrpLAeKkrvFImPeHXMe6MxZ4DocNqNcPdiN7qNJJYebsRRDeubD8JhO4Rmvfu8OUI6Nyb0o7Xv5bSub4E1eMJcgxU%2C.5BLySFOm2V9GJhwajUeWS7urjRI%2C
date
Mon, 30 Jan 2023 09:55:35 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
pagead2.googlesyndication.com/bg/ Frame 2579 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:37:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
15495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jan 2024 05:37:20 GMT
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		66 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=6374f8665f2f007d23421195&AV_TEMPID=62f50abe103ae32adf5785c8&cid=6374ee512c8ca8606841c0a8&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=13402112-

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
x-guploader-uploadid
ADPycdsY2ZMY_sr1M8gBQM5FLk6sT5Zxc8gdDY6iTpORW1uUYzhnnji7_GEC6Eldkupy-4P81jcMmILLIaEZNMEO70j8ne3iUp8_
x-goog-storage-class
STANDARD
Content-Range
bytes 13402112-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
93912
x-sp-metadata
HS256.CKfE3p4GEocBCiRiYTY2NTlhMS1jYWY2LTRmNzgtYTVhYS1kOWQwMjAzNGEwNmUQuNb12vfT/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KMjYAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGi0IARIkOWYxMTU1MGQtNmVlZi00MzlkLWJlMjItZTc1NjZmMGQ5MDQ4GNjdtwYiGAgCEhRjZHMyNTUuZnI4Lmh3Y2RuLm5ldA==.vx/HHKBY/0Y9LQZgqGP+7xfX8jgb+npwCmHac8QgHzs=
last-modified
Tue, 19 Apr 2022 15:55:06 GMT
server
UploadServer
etag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1675072535.dop211.fr8.t,1675072535.cds156.fr8.hn,1675072535.cds255.fr8.c
x-goog-stored-content-length
13496024
accept-ranges
bytes
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		0
0
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		28 KB
28 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=6374f8665f2f007d23421195&AV_TEMPID=62f50abe103ae32adf5785c8&cid=6374ee512c8ca8606841c0a8&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
c0e5b4c77b8497040fa489ad67dfd0d9b86e22d7b634234fcd1df58a03195a7c

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=13467648-

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
x-guploader-uploadid
ADPycdsY2ZMY_sr1M8gBQM5FLk6sT5Zxc8gdDY6iTpORW1uUYzhnnji7_GEC6Eldkupy-4P81jcMmILLIaEZNMEO70j8ne3iUp8_
x-goog-storage-class
STANDARD
Content-Range
bytes 13467648-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
28376
x-sp-metadata
HS256.CKfE3p4GEocBCiQ1NjFjOTdhMi00Yzk4LTRmN2EtOWVkYy02NmI5MzhjZjZkNmUQuNb12vfT/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KMjYAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGi0IARIkZGE3MDg4YTktYmM1YS00ZTMxLThhMTItNDdhODYwYTUyMTg2GNjdtwYiGAgCEhRjZHMyNTUuZnI4Lmh3Y2RuLm5ldA==.kjdpbcjVlxjIskW2VZasS8yDTwh8FvGwaKapsiiaIuY=
last-modified
Tue, 19 Apr 2022 15:55:06 GMT
server
UploadServer
etag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1675072535.dop211.fr8.t,1675072535.cds156.fr8.hn,1675072535.cds255.fr8.c
x-goog-stored-content-length
13496024
accept-ranges
bytes
video.mp4
content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=6374f8665f2f007d23421195&AV_TEMPID=62f50abe103ae32adf5785c8&cid=6374ee512c8ca8606841c0a8&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=32768-

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
x-guploader-uploadid
ADPycdsY2ZMY_sr1M8gBQM5FLk6sT5Zxc8gdDY6iTpORW1uUYzhnnji7_GEC6Eldkupy-4P81jcMmILLIaEZNMEO70j8ne3iUp8_
x-goog-storage-class
STANDARD
Content-Range
bytes 32768-13496023/13496024
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
13463256
x-sp-metadata
HS256.CKfE3p4GEocBCiQxYjA4ZDc1Yy1jYmU2LTQwYzAtOWZkYi0yM2Y2MjJlNzFiYjgQuNb12vfT/AIaBgiXqN6eBiIMMzcuNTguNTguMjQ3KMjYAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGi0IARIkYmUwZmZhN2UtMmY2ZS00YmNmLTg4N2ItYmQ3NzYyMTU5MzlkGNjdtwYiGAgCEhRjZHMyNTUuZnI4Lmh3Y2RuLm5ldA==.7rFF+glaKfXVdTYWf06fnUPhfdtmi51HUIXJ1YgjJrc=
last-modified
Tue, 19 Apr 2022 15:55:06 GMT
server
UploadServer
etag
"5988954ac663c7a7640a82f507517315"
x-goog-generation
1650383706252946
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=JIY8pw==, md5=WYiVSsZjx6dkCoL1B1FzFQ==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1675072535.dop211.fr8.t,1675072535.cds156.fr8.hn,1675072535.cds255.fr8.c
x-goog-stored-content-length
13496024
accept-ranges
bytes
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
ctrack
track1.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&pid=5f2063121d82c82557194737&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&wi=440&he=248&test=&vi=100&e=cply&cb=1675072535762
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.246.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-246-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
adfetch
googleads.g.doubleclick.net/pagead/ Frame 74FF 		81 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
288db5036ac603d7fce1f3427d1e84733982a15cc47cb9249f2c75f4b1e45887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
32734
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:55:35 GMT
expires
Mon, 30 Jan 2023 09:55:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame F091 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:43:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
749
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3003
x-xss-protection
0
server
cafe
etag
2660866305706646737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Jan 2023 10:43:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F091 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-C-qg2YNk4sdPOSR0q_zxrSGuHLj1nNFV_hxalEA47AVj1BPHhSpgiKhbL4H_UX0R2Tfhd4jAw4UZWveM7arg55wCuS1A&pr=6:0.012743
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
970x250.jpg
cdn1.vntsm.com/TimeBucks/ Frame 212D 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.vntsm.com/TimeBucks/970x250.jpg
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
37b63ae3b2798d7f8c1fce2428a2d23d6617dcace9573557b3a29150782cb1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
x-amz-version-id
gOWqkMId3XJssx08MD6sOj5yZz2TyvGC
cdn-edgestorageid
1054
x-amz-request-id
3YA5P6FKPXNQN1DS
cdn-cachedat
11/15/2022 10:39:13
cdn-pullzone
392884
content-length
118819
x-amz-id-2
aCsjX68rByS3wD8sA6D+vgtXdy334aTrBx39hBGDrVaBCb/KRi1IJ0y20Hvep5Xkb++J29iK02Y=
last-modified
Tue, 19 Apr 2022 12:29:37 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"d56739bc20c2b00f886be6c4ec40fa19"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-credentials
true
cache-control
public, max-age=604800
cdn-requestid
928cf36350987f49b664744621c09e58
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.12.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-12-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
generate_204
tpc.googlesyndication.com/ Frame 2579 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KbRutw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 146A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28767
content-encoding
gzip
content-length
13968
content-type
text/html
date
Mon, 30 Jan 2023 09:55:36 GMT
expires
Mon, 30 Jan 2023 17:55:03 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 3676 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159234&siteId=703967&adId=2886235&imprId=491CC990-AE53-4843-921D-C3DBA2C9BEC4&cksum=7445F230F8D131AD&adType=10&adServerId=243&kefact=0.011765&kaxefact=0.011765&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1675072535&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.012743&dcId=3&tldId=0&passback=0&svr=BID22622U&adsver=_16601138&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=F5TXYxOFBADTS_J6bDRRLhAvDWAZlfE-9kNyLILcU-pI89SG&ekaxefact=F5TXYyiFBACOdqy3bLcesehc5jpv82L5OjZz2xSipifJ1dFg&ekpbmtpfact=F5TXYzmFBABrU8VjSrZ0XGd9IwukP9EeGOHKxqv5nhuxwMbO&enpp=F5TXY0uFBABjx5XGWbs0ueTMRJEHDAfwL_m8baB0GSAbxi9Q&pfi=1&domId=16921222812304876096&dc=AMS&pubBuyId=14924&crID=643234436528&lpu=cotosen.com&ucrid=3136003832240301077&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=2&wDspId=80&wbId=7&wrId=0&wAdvID=1355857&wDspCampId=132250330206&isRTB=1&rtbId=C0C160C7-5C29-4A5A-91BF-CBAE5A6B3E2C&ver=2&dateHr=2023013009&oid=491CC990-AE53-4843-921D-C3DBA2C9BEC4&cntryId=58&domain=file.io&sec=1&pAuSt=2&wops=0&sURL=file.io&BrID=5
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 30 Jan 2023 09:55:35 GMT
expires
0
pragma
no-cache
14498682416524610526
tpc.googlesyndication.com/simgad/ Frame 74FF 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14498682416524610526?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlM-yLQEb3SKPd4SZa_AfXF7uJI5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fd1c46f56830d4a0ccfc36425d7d477cc2ffd0afc53d52fa60371ebea307dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 15:21:54 GMT
x-content-type-options
nosniff
age
326022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96052
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 14:22:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 26 Jan 2024 15:21:54 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 74FF 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 20:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
48270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10810
x-xss-protection
0
server
cafe
etag
8766511519597269738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 20:31:06 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 74FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcc84ca2069873bf863e0b36e587fd75731d689301e628c13156550f61689722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
46160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1305
x-xss-protection
0
server
cafe
etag
12828169674928258300
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 21:06:16 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 74FF 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eef6e8f2135553b6ba83a46919cb260534818b61b493b4b2e7e87e35a93078fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 20:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
48270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10272
x-xss-protection
0
server
cafe
etag
11468148672078775617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 20:31:06 GMT
l
www.google.com/ads/measurement/ Frame 74FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGyNrz8Al-lMczGJ6uvfVQ7sfidpG-k_iWqKPtsSM7AAHEtRfv6VLjJ3p24ob_zQ4Z7S_CqgZ5p5yPeM8HUG_lKmNP7w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74FF 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 09:55:36 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 74FF 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04b87102f0b7cc4f673cbe953d23fa244d5a57603c128d89e8b699dadf85a211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 00:24:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
34270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18064
x-xss-protection
0
server
cafe
etag
11640667607391808528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 00:24:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 74FF 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cf6bhF5TXY7HtC8Pv7gOHyJCwBoK49b1uz8-pwfsQptbs17guEAEgy4nWI2CVAqABv8vmhQLIAQKoAwHIA8kEqgTSAU_QBr4qN1y8VnYsyD0DZk9e3SLCOVQMPYTb9oIfa06IUfct4IL1iY6-FkfKCBOIEprERYjY23iTHMVtsxzA1SaZqW9rigTOJTRTmM0XrHV-rv8o_71EIuMFIEUE1qfSicCYTUAicJ-OjGiObYRf4EwSeMA3uBePoJE_Vp5KkqCp5WhKY_4yHCDHSy6nOnyGX6X2k49usUlMOOz8UV2GHwaCSs9lX9oD5rDI1m1YO3Z7ouQBz-XuMBpJGYK6KExbLXpZSmSFFvNtK8uDgNvap908o8AE3sjv1ewDkgUECAQYAZIFBAgFGASgBgKAB_-8gbMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCBEIgOGAEBABGAAyAqoCOgKAQPIIDWJpZGRlci03MDM5NjeACgTICwHYEwzQFQGAFwGyFwgKBggAEgAYAA&sigh=5oT7V-CaGXY&uach_m=[UACH]&pr=6:0.012743&cid=CAQSKQDUE5ymrv8Q38szEIDtFw7MDIyPOc3kRA_hIyd5USlks2UsAYn6qp-RGAEgCg&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Jan 2023 09:55:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9513 		143 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:29:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 74FF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32856279123c68f5f0314a669a9305e9a7227b96f45b311fe8caf6e632cfaecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 38B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012501&jk=221045085483387&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9513
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:55:36 GMT
expires
Mon, 30 Jan 2023 09:55:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:55:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 146A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44471227&p=159234&s=703967&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4e7718a15765c2c4f0ceda30c89b855b11268cc8e88068b7ccfa3687c0224b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Jan 2023 09:55:35 GMT
content-length
1935
content-type
text/html; charset=UTF-8
cookiesyncendpoint
sync.aniview.com/ Frame 37E1
Redirect Chain
  • https://csync.loopme.me/?pubid=11398&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D56%26pid%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=56&pid=5f2063121d82c82557194737&key=d75bf244-1693-4d3a-b25e-9d7235d48250&gdpr_consent=null&g...
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=56&pid=5f2063121d82c82557194737&key=d75bf244-1693-4d3a-b25e-9d7235d48250&gdpr_consent=null&gdpr=1
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-226-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT

Redirect headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=56&pid=5f2063121d82c82557194737&key=d75bf244-1693-4d3a-b25e-9d7235d48250&gdpr_consent=null&gdpr=1
server
_
sync
ssbsync.smartadserver.com/api/ Frame F7F5 		0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
cookiesyncendpoint
sync.aniview.com/ Frame ABAF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ca4d4d6aa61fd63ee832d9dfac19eb&_fw_gdpr=1&_fw_gdpr_consent=
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ca4d4d6aa61fd63ee832d9dfac19eb&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-226-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Jan 2023 09:55:36 GMT
Expires
Mon, 30 Jan 2023 09:55:36 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ca4d4d6aa61fd63ee832d9dfac19eb&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1675072536444034-381
auto-user-sync
ads.stickyadstv.com/ Frame F83B 		43 B
621 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Jan 2023 09:55:36 GMT
Expires
Mon, 30 Jan 2023 09:55:36 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1675072536452010-539
rmpssp
sync.1rx.io/usersync2/ 		0
0
services
sync.technoratimedia.com/ Frame D207 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675072536156-954188294057-001153-000-008805&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:d7b5:8a93:2d80:f113 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.file.io/
age
0
date
Mon, 30 Jan 2023 09:55:36 GMT
server
nginx
via
1.1 varnish
x-varnish
28498268
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ABC4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D1%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161804
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 30 Jan 2023 09:55:36 GMT
expires
Wed, 01 Feb 2023 06:52:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame D72B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D18%26key%3D%24UID
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 09:55:36 GMT
X-Sovrn-Pod
ad_ap3ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame 245E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 30 Jan 2023 09:55:36 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame C443
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.87.175.132 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-175-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Jan 2023 09:55:36 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cm
u.openx.net/w/1.0/ Frame 0473 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D23%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 30 Jan 2023 09:55:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 124A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame 6F5A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=10&pid=59c9148628a0612da3689288&key=kV9onFqB4koD&ev=1&us_privacy=1---&pid=562704
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=10&pid=59c9148628a0612da3689288&key=kV9onFqB4koD&ev=1&us_privacy=1---&pid=562704
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-226-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-5ffd6ccc57-fgl7r
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=10&pid=59c9148628a0612da3689288&key=kV9onFqB4koD&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
cookiesyncendpoint
sync.aniview.com/ Frame 8673
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D105%26pid%3D59c9148...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=105&pid=59c9148628a0612da3689288&key=0b98d6e4-fce6-4efd-8d7c-0a038ef78f90&gdpr=1&gdpr_consen...
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=105&pid=59c9148628a0612da3689288&key=0b98d6e4-fce6-4efd-8d7c-0a038ef78f90&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-226-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Mon, 30 Jan 2023 09:55:35 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=105&pid=59c9148628a0612da3689288&key=0b98d6e4-fce6-4efd-8d7c-0a038ef78f90&gdpr=1&gdpr_consent=&us_privacy=
server
envoy
x-envoy-upstream-service-time
1
avpb7.12.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 411C 		174 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKjE3p4GEocBCiRiNTUxYzQ2Yy04NjA2LTQzOWItOTExYS0xNzhhZDg3NmY0YTUQyIKixK/g/AIaBgiYqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYzQ5ZDg0YmMtYjc0OS00YzI4LTliY2EtYjViMDBkNTI1YTc1GPS0AyIYCAISFGNkczI4OS5mcjguaHdjZG4ubmV0.nucwgdvbiub+1ZEkVx1Dx09H5mmPqc0uihGBJXeL210=
last-modified
Sun, 29 Jan 2023 13:25:48 GMT
etag
"1674998748"
x-hw
1675072536.dop164.fr8.t,1675072536.cds280.fr8.hn,1675072536.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
55924
avpb7.12.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame 411C 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a5.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
cac67af0d29938a7154913246d0c213da39b0cea16f6d152d9ad72628d7a0519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKjE3p4GEocBCiQyN2Q4MTZkMi1kZjgwLTQ4YmYtODUwZi1iNGQ4Y2RhNmViNmYQyIKixK/g/AIaBgiYqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTZmZTBjZDgtNjg4Yy00M2JkLWFjYjAtZDk2YmYzYzkwNTEwGN2ZASIYCAISFGNkczIzNC5mcjguaHdjZG4ubmV0.KBEMfCd7ljehFYiq9RzUQbpZGk251E69V1uCbmM+Rzc=
last-modified
Sun, 29 Jan 2023 13:25:48 GMT
etag
"1674998748"
x-hw
1675072536.dop164.fr8.t,1675072536.cds280.fr8.hn,1675072536.cds234.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
19677
avpb7.12.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 411C 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a0.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e0b10948c8f8424409e72354023bb956d7a6d000840271dae5bcc642c73906d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKjE3p4GEocBCiQ1M2I0ODViNi0wYWNjLTQ0YjAtOTM4NC03ZWZjMzZjYWI4ZmMQyIKixK/g/AIaBgiYqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNmQzODdjNWUtZmY0Zi00MjU2LWE0MTAtNDZiNWVhZDkwOTcwGLO6ASIYCAISFGNkczEzOS5mcjguaHdjZG4ubmV0.EwrFALMe8T++WjGbej1s/tiOx8/IrgBgZf79ZISiIA4=
last-modified
Sun, 29 Jan 2023 13:25:48 GMT
etag
"1674998748"
x-hw
1675072536.dop164.fr8.t,1675072536.cds280.fr8.hn,1675072536.cds139.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
23859
avpb7.12.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 411C 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
fb2a3185b8a550b167ef6b3a84e7820b82de0f0d51acd770e62cf0e83c655f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKjE3p4GEocBCiQ1NmMwYTU2OS1mODMzLTRjODItOGRjMi1iNWQ1Yzg2ZDIwNDkQyIKixK/g/AIaBgiYqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZTZmNzI4ZDEtZjU3NC00ZjA0LWIwMmUtZWFiN2RiMWU4YjJjGI+gASIYCAISFGNkczIzNC5mcjguaHdjZG4ubmV0.Skvzyxle/XeUeWkDRNQ8VGEQDhRdtEL+hrpY+LnBYXc=
last-modified
Sun, 29 Jan 2023 13:25:48 GMT
etag
"1674998748"
x-hw
1675072536.dop164.fr8.t,1675072536.cds280.fr8.hn,1675072536.cds234.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
20495
avpb7.12.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 411C 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a2.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e18cb430d37779613b30d164a96b6f76a1a2d58887a732f1fd7df440805cf2ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKjE3p4GEocBCiRkNjZmOWFkNC0xODg3LTRjYWEtYTZhMi02NTE4NTc4YTE3M2EQyIKixK/g/AIaBgiYqN6eBiIMMzcuNTguNTguMjQ3KNbGAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZTM4ZWEwMDAtYzNkZC00ZjhlLThhZGEtYjQ2ZTM1ZWYyYjU1GPieASIYCAISFGNkczAwMS5mcjguaHdjZG4ubmV0.nQ2Nm6wKbuQ9eeYkxBdpqLF/+7f/LmwfgmYg3CurhC4=
last-modified
Sun, 29 Jan 2023 13:25:48 GMT
etag
"1674998748"
x-hw
1675072536.dop164.fr8.t,1675072536.cds280.fr8.hn,1675072536.cds001.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
20344
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=5072536292
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
685 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.134.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1675072536156-954188294057-001153-000-008805&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.128.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-128-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.128.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-128-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1675072536294&asid=633ae81e14ba3a033d3a0fd6%2C637b7eaa93283f4fba7e40c8%2C5ff5868b4c1613054b3b5ee4%2C60215ad06fe78c75dd21c834%2C5ff87336239c6c7fd600e1b5%2C63ca668fc59e20cf6801d2f2&ofpr=%2C%2C0.49%2C0.49%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1675072536294&asid=60eecdaf35e63b08e5029ce4%2C63a1c97d9fc0bb7a1703e25c%2C6245a97f138a392b6f34aeb8%2C624c0a0dc3ddce30871b2de4%2C60bdce680f40fe0656405224&ofpr=2.5%2C2.24%2C%2C0.72%2C&fpo=%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
pagead2.googlesyndication.com/bg/ Frame D763 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3794998591&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=37.58.58.0&output=html&unviewed_position_start=1&url=https://www.file.io/deleted/&sub_client=bidder-703967&hl=en&u_h=1200&u_w=1600&aceid=MNsOtAB8HLQAMNTmAL9-NAFegDQBS4I0ASODNAFZgzQB1IM0AfSDNAH-gzQB_4M0AQKENAEKhDQBOIQ0ATmENAFXhDQBjIQ0AY6ENAGWhDQBnIQ0AZ2ENAGihDQBo4Q0Aa2ENAG2hDQBuYQ0AcmENAHThDQB2oQ0Ad2ENAHehDQB34Q0AeeENAHohDQBEm1BAUtzQQFTc0EBH4QHAmn7iAIk_IgCKfyIAidCqgIoQqoCfWKqAhJoqgIsfaoCW5GqAoCbqgKBm6oCgpuqApKdqgIapqoCOqiqAqKoqgJFvaoCn8SqAn_NqgJT2aoCyOKqAqDlqgL66aoCD_GqAtfxqgKx86oC8_WqAlv4qgIl-6oCQvuqAsMMqwKwEKsCWROrAmMcqwIEHqsCnh6rAqkfqwI8I6sCvSWrAg4mqwJUKKsCXSirArsqqwL7K6sCYi-rAucvqwJVMKsCoDCrAiozqwIxNKsCSDSrApw0qwIvNasC0TWrAhU2qwK1OasCZDqrAg08qwIjPKsCTTyrAqY8qwJxPasCXz6rAvY-qwIlP6sCMUCrAjdBqwJAQasCUUGrAo9BqwLlQ6sCikSrAptEqwIWRasCeUWrAjxGqwKZRqsC90arAkFHqwKnR6sCFEirAq5JqwLgSasCl0urArBLqwLRS6sCbkyrAnVNqwJTTqsCX06rAiNQqwITUasCN1GrAp1SqwLYUqsCm3QkBNmyxQUG2n8I-kLcCdr82A7Sq_sS1Ln7ElbK-xLM0fsS1uH7EjPi-xIh7PsSm_L7Ev0A_BICCfwSqgn8EuQJ_BI9CvwSwgr8EtMK_BIJC_wSPQv8EtIL_BLoC_wSW5_qFEOi6hSayxwY1s61LuMt-kI&awbid_c=AKAmf-DbWaL19CBAB03XDIvMz2iIp-9tjbQ0egNY7zwf9LpR9xg3td89soHcCQ9z7eNL1lcxDqyTEq8E5w4PP4qomG_a7jGpwe5HpfanFbHO7GiTpelVrXiFV7k9o2wIK3szBI-c98wY-qsRjqItj1VryrP8iNWO_lbC7Yugaq6ZLmAA12KdgYs&awbid_d=AKAmf-BXUzYqeadOBIu-AGhIwiKzA0z66Mlnh5WCYlRSQy2awce46yRwyNVUoXTymAyZ74QZI6Om3Be93qFmR0Gd5vsNBKCEafAX6ZGDDda2Nc0oO9Q1XzT9KOkpGD417y98Utw_xaCTpI9n_iR-Vysfgabl1OYYL_4NwgdxjmpGL07iIbYtL4BxBcNLp3_i6v5lOxeL-Ilx3GjdnGpTDqx7e9o33gqS26of7G4Ierg2lV-tVrVzWxm_W0XWNcnl751bkdGdHOtZXRQJKweXjtjX7cbxM7VgQSHIcTJbIqy3sGBs-D-utOaoP7DwapjGklUS4Gx053zxKc75XrZlLyhcalL4qS5It7gEI3b9m71TLW9UZ-SJoTWdwYxtxY7XXKDblfWhvWkL6p14xS9CSc7FjtJDmYmYk3Q7IouuoGknj4GCbbZTOFNxWqi179jJ7FgzOevOAEs6R1bnM_8yb6x2gCUsT6m6XbZbcY2uxC3G8QkiFY0dC0NHBbHSdvQVjMI6U9Y1P2KWkUqgx7uZr7VfT6--ER7QQ83MiIqMUgEmlCE5oCYcg8xLKlW2dviz9ZaL4xDLXCjgQIwkk5Wa2XVinuSmr4311XATN8gVA_ssEWOKJzKH2lmPQauM1s-aSUYztJ6pnsZjn0Sa4Zlw7Vlw2XKhEW29-bwIT37iU-nySUnMIILaYPs&cid=CAQSGwDUE5ymamYyDUy5pijdwdqw5Fu7lcj7Wc1OcxgBIAo&exk=907211995&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&a_pr=6:0.012743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:37:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
15496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Jan 2024 05:37:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F4E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&gdpr=0&gdpr_consent=
42 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 30 Jan 2023 09:55:36 GMT
Expires
Mon, 30 Jan 2023 09:55:35 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 404 ce67235 master zrh-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 4B63
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4645871933401885513
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4645871933401885513
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4645871933401885513
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F0D1 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 09:55:36 GMT
expires
Mon, 30 Jan 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
524387
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame BB89
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame EF7E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Jan 2023 09:55:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FPHP7M1Q738ZZP46ZBXT

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Jan 2023 09:55:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0H7N4540KEK802J12Y5Y
Pug
image2.pubmatic.com/AdServer/ Frame 146A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkFEODA3NzgtNEY5Ri00N0M0LUEzQTktNEU4RjVBNkQ4NTMx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 146A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOqmO81e_TQjfcc1FsQh4hI&google_cver=1
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOqmO81e_TQjfcc1FsQh4hI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOqmO81e_TQjfcc1FsQh4hI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 146A 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 29 Jan 2023 09:55:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 146A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6936813945336792066
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6936813945336792066
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6936813945336792066
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 146A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
600
age
0
content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
server
ATS/9.1.10.25
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.186.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-186-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.23.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-23-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
efe2ad676e290b1cdbbb28a8ccac7459c7c9b18d61cd15ecc141a1ebb8970853

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-prebid
pbs-java/1.109.0
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
307068
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307068?src_sys=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 30 Jan 2023 09:55:36 GMT
X-SpotX-Timing-SpotMarket-Primary
0.006786
X-SpotX-Timing-Transform
0.000357
X-SpotX-Timing-SpotMarket
0.006786
X-SpotX-Timing-Page-Require
0.000442
X-fe
064
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.003974
X-SpotX-Timing-Page-Cookie
0.000033
X-SpotX-Timing-Page
0.012943
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000323
Last-Modified
Mon, 30 Jan 2023 09:55:36 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000015
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.001012
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c56962a3224e277153ee311a8017c0446ffb272d9f68bb0893700a3d9218fd70

Request headers

Referer
https://www.file.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
84
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cookiesyncendpoint
sync.aniview.com/ Frame 7B4D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=200&ke...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.226.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-226-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 30 Jan 2023 09:55:36 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805
pragma
no-cache
usync.js
eus.rubiconproject.com/ Frame C443 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.87.175.132 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-175-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d88d82511ab89592c0b15bed99021980ed270478012110d399050d4a16aac25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 09:55:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jan 2023 04:58:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68598
Connection
keep-alive
Content-Length
10036
Expires
Tue, 31 Jan 2023 04:58:54 GMT
khaos.jpg
token.rubiconproject.com/ Frame C443 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012501&jk=221045085483387&bg=!cXKlcjbNAAZSrDxfcqw7ACkAdvg8WvrBP9KY52bwTtpC8HMIg2MgR1T1oe4sFqExIezDnxMGT_-vIQIAAABTUgAAAAFoAQeZApambWZF69wul6OWxMd7iqDSiNeGMv1QEny6aLAym0yiT6iIVueNnX0etpzqWZOyh3m6pQFhuQV4KHShw17qwyyM1qn1DTHrQSQc0gDF3ep6bh3PIngY4wjnFmgJfd9aiz-sKbHW7Dvh12YUA33mY9e76TxtfnDXa0KXFi8ZYXsXOp_5AGZIT6xLz24c0qLjhtjiJGj0WN8WfgHeaMEDEiDTKR42Md_rXB7e1Lanlqh3UT49LBjKWREjD2YNHz0alUnmoHzqz6-xGj7won2DP5wM8cA3MSvMN6dnRs_FXWyIbhwEbQ3hjUx-VYnIs52xzA8DMKOz8zKxdG8buJHixxlXw0m_k5_q9NFYE_DPwLBCiv3HPBoKyFKu7xn5v9DbE044v-rAJsQAQNYkppYuP8lQgWiDEli0gOG5-ax-0yJEyUk1RlJoj6U2z5KHDlVJqHE-PROyIQhCqp5NG-yx5i_LcOxgFFgC1qhF6h_k5_Zva0k41wHvpCShPHN5LwUcMSM3HTaXQxeUs3ipSIzktsfIqoMUFihPKVdy1lKxNHzFRQJGwF31Qc5H9JC10YPnyn92_5KvmTURLdptABELUI8GA98sToO-nB8y8wDyRDV1XRQnMCI_3WaSUOu8FgFxivabCDc0jECkpPLvjbkSXU6lQ_ayBJxatQdRwuqQlJAYnTwz2LZGHV3ksIqyXB4hVgFyRVAILuZJqSleLZQQJUo4_200iEy3q2Kg3yOU9aYt4Yi0lr32KdjYLaqs48IT2LFlBfawBphNdmdZLQlC-jKs0AM3_62rkrc3dT4w4F2V_mtzRFv3AGRTyXcEYQELL7NQHPygwgR2SjvMIk2RccP_f-N6nVYp02GgB2ldYiEn-bX6gq4QAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=5072536576
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.134.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1675072536578&asid=633ae81e14ba3a033d3a0fd6%2C637b7eaa93283f4fba7e40c8%2C60215ad06fe78c75dd21c834%2C5ff5868b4c1613054b3b5ee4%2C63ca668fc59e20cf6801d2f2%2C5ff87336239c6c7fd600e1b5%2C5ff6ed8d06e9773265718a49&ofpr=%2C%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1675072536578&asid=6245a97f138a392b6f34aeb8%2C63a1c97d9fc0bb7a1703e25c%2C624c0a0dc3ddce30871b2de4&ofpr=%2C2.24%2C0.72&fpo=%2C%2C&ri=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:35 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
307068
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307068?src_sys=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 30 Jan 2023 09:55:36 GMT
X-SpotX-Timing-SpotMarket-Primary
0.006456
X-SpotX-Timing-Transform
0.000292
X-SpotX-Timing-SpotMarket
0.006456
X-SpotX-Timing-Page-Require
0.000305
X-fe
139
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002990
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.011202
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000251
Last-Modified
Mon, 30 Jan 2023 09:55:36 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
X-SpotX-Timing-Page-Exception
0.000000
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000872
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.186.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-186-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.23.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-23-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1d3c9f410a52c208629d43a8ac807e29a7c24af63016e5f218fc2353401c0a76

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-prebid
pbs-java/1.109.0
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
74a6eea50d9d4170808b5ad80ab205cb48bce5db1ef3be4e72ca45ea209d9bc8

Request headers

Referer
https://www.file.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
600
age
0
content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
server
ATS/9.1.10.25
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C443 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LDIMXT2I-U-938I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame C443 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8GSAQR7T95YKG63QR96N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame C443 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame C443
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEYAh2yFSLDQO0Af4mo5Guw&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEYAh2yFSLDQO0Af4mo5Guw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEYAh2yFSLDQO0Af4mo5Guw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C443
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eZbP2SLvQvGEqhWqUOOHgQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eZbP2SLvQvGEqhWqUOOHgQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eZbP2SLvQvGEqhWqUOOHgQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XK5HGF7DJDENWFX41703
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eZbP2SLvQvGEqhWqUOOHgQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame C443
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIMXT2I-U-938I
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIMXT2I-U-938I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E8CCC4BF1AE44466AD65CA1EE43F191E Ref B: FRAEDGE2011 Ref C: 2023-01-30T09:55:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzeDeJD5uU/iW6t8/tlQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIMXT2I-U-938I
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTczMmZkNjk5ZGU1ZmU3ODE5ZmM1NjJjODc5MzIyN2Y3MWU0MmEwZA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTczMmZkNjk5ZGU1ZmU3ODE5ZmM1NjJjODc5MzIyN2Y3MWU0MmEwZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTczMmZkNjk5ZGU1ZmU3ODE5ZmM1NjJjODc5MzIyN2Y3MWU0MmEwZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJTVhUMkktVS05MzhJ
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJTVhUMkktVS05MzhJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJTVhUMkktVS05MzhJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C443
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/b2eprWATLykpgYl6VdGBNg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UkruMm9E2oLXC4ukxionvf_Vvhp2zf69ILCQqg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UkruMm9E2oLXC4ukxionvf_Vvhp2zf69ILCQqg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 30 Jan 2023 09:55:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UkruMm9E2oLXC4ukxionvf_Vvhp2zf69ILCQqg--~A
content-length
0
adServe.do
web.ssp.yahoo.com/admax/ 		240 B
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969110017f7f93bfa398cf71120060&pos=8a9698cd017f7fdf73d9e01dc188000d&secure=1&euconsent=&gdpr=1&us_privacy=1---&d(id24)=&ht=247&wd=440&reserve=2.24&req(url)=www.file.io&schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,!aniview.com,5f2063121d82c82557194737,1,,,&cbb=5072536727
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
189
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.134.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-134-215.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.file.io
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1675072536728&asid=633ae81e14ba3a033d3a0fd6%2C637b7eaa93283f4fba7e40c8%2C60215ad06fe78c75dd21c834%2C63ca668fc59e20cf6801d2f2%2C5ff87336239c6c7fd600e1b5%2C5ff5868b4c1613054b3b5ee4%2C5ff6ed8d06e9773265718a49&ofpr=%2C%2C0.49%2C0.49%2C0.49%2C0.49%2C0.49&fpo=%2C%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1675072536728&asid=6245a97f138a392b6f34aeb8%2C63a1c97d9fc0bb7a1703e25c%2C624c0a0dc3ddce30871b2de4&ofpr=%2C2.24%2C0.72&fpo=%2C%2C&ri=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.23.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-23-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e9fd988104e4ebf553b7586262df3f0cf443220ae2ac22034cca06906076dd90

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
x-prebid
pbs-java/1.109.0
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
307068
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307068?src_sys=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 30 Jan 2023 09:55:36 GMT
X-SpotX-Timing-SpotMarket-Primary
0.004876
X-SpotX-Timing-Transform
0.000279
X-SpotX-Timing-SpotMarket
0.004876
X-SpotX-Timing-Page-Require
0.000345
X-fe
087
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.003565
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.010351
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000268
Last-Modified
Mon, 30 Jan 2023 09:55:36 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
X-SpotX-Timing-Page-Exception
0.000000
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000983
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1f7d1013b0f425c1e214104299653258e0e220ebf9d6afe9c949062f245631b1

Request headers

Referer
https://www.file.io/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Jan 2023 09:55:36 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
84
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.186.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-186-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
600
age
0
content-length
0
date
Mon, 30 Jan 2023 09:55:36 GMT
server
ATS/9.1.10.25
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
379b728a2adf1606b2fbcb23861cc2daeb7f95fba9bdbc49162fcd4716253581

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 01 Mar 2023 09:55:37 GMT
usync.html
eus.rubiconproject.com/ Frame B159 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.87.175.132 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-175-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Jan 2023 09:55:37 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B1EF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161803
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 30 Jan 2023 09:55:37 GMT
expires
Wed, 01 Feb 2023 06:52:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6434 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161803
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 30 Jan 2023 09:55:37 GMT
expires
Wed, 01 Feb 2023 06:52:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C4A6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161803
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 30 Jan 2023 09:55:37 GMT
expires
Wed, 01 Feb 2023 06:52:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame B159 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.87.175.132 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-175-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2d88d82511ab89592c0b15bed99021980ed270478012110d399050d4a16aac25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 09:55:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jan 2023 04:58:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68597
Connection
keep-alive
Content-Length
10036
Expires
Tue, 31 Jan 2023 04:58:54 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7082ee3172433ac226c8eac865683c8c1861dd01e7fab4bf9c034b82a605abf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
9ca6765abac5f29b7e77219a3a7fff9109abbda13ecad8711cc895d89ba8e2ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
page-data.json
www.file.io/page-data/developers/ 		0
650 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:28:47 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
RD1FHM3S3FE7T6FD
x-amz-cf-pop
FRA53-C1
age
16011
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
c4P0YXPAiRVPjygr1Qq3G30Hhlwv0bcr57www0wtR1rPskUhDLuakUih338MSXmrfzJHr+mYuaQ=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
P4rhZISkhHUHk6kb3-nwgZzq5vv_2xCGgnvYBAzjWHYn_j4KZurj5w==
page-data.json
www.file.io/page-data/index/ 		0
638 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:57:19 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
TPWABNKCSQ722BGP
x-amz-cf-pop
FRA53-C1
age
14299
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
eLxuw6KgYuVPV4usKYcSbH3OMDUR/ULkW9e5XZwgro/Hc/5k3Q55soRl2od5tvxcn3VcoQMwgQw=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
_4FQVmIeKtEEq9BVTcZwuVm0aJstdmgFSdF877jJ8oBinjj5qdkgJQ==
page-data.json
www.file.io/page-data/login/ 		0
618 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:14:49 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
YYWS1C9YSXJBNJYR
x-amz-cf-pop
FRA53-C1
age
9648
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
yh16L4WLJ2v4z2gVn4wcJP7iSM9E+8QXnbgOxodKv8qqhafhrEHNy6yMAPjNjdaZ0RhfiFPDWpc=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
4Bz4I2gu6Qm_0AmZQ0uQ5WtYmns41xuVaC4LStmfi6ZLRiIdtnmfMw==
page-data.json
www.file.io/page-data/about/ 		0
631 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 08:24:38 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
BFKG8PQHMK0SHBFF
x-amz-cf-pop
FRA53-C1
age
5460
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
ad5OmyD60W/N4BPpFIzMhGpkSE+gQIHBacr5nqYBupGyX9cGoriRjAwxdxQUK04DIPDkAnhYB5k=
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
eqNLUgyPdLHPTM4qDPLW1L-N_bJ28cW28uFgnwvHjyJFn0x2ZmBm1g==
activeview
pagead2.googlesyndication.com/pcs/ Frame 74FF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM2sISxRuk9JtXKJ2f04cdJqJR_FIpTOdvUjgSryd7lUBFScTrKe4OwRkCiaXnwgm0fSTW8ZlLQLId0bb4a7QQf1jZO6ckUUu1OGjydIiz0tdw4X7bHZt5zjaO2Tdgswpc1aHVbw&sai=AMfl-YT4txqNbsl5CZ4SvyESQi0bEba-JLdiJDO_h3gWiFqyMkOv7fvQL0I6YTh38kqJHaWFVeK5GsBIHTcCwEM9d8wOwwrLaEHv8xZd_w&sig=Cg0ArKJSzPl0req0olV-EAE&cid=CAQSKQDUE5ymrv8Q38szEIDtFw7MDIyPOc3kRA_hIyd5USlks2UsAYn6qp-RGAEgCg&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3794998591&rs=5&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675072535799&rpt=456&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page-data.json
www.file.io/page-data/about/ 		147 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 08:24:38 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
BFKG8PQHMK0SHBFF
x-amz-cf-pop
FRA53-C1
age
5460
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
ad5OmyD60W/N4BPpFIzMhGpkSE+gQIHBacr5nqYBupGyX9cGoriRjAwxdxQUK04DIPDkAnhYB5k=
last-modified
Wed, 23 Nov 2022 15:26:44 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
7hLOJHRX0TOarUbcAMgW7QJFYz3CKZFuinHTdjEQ_M_w3_H6dgYS0A==
page-data.json
www.file.io/page-data/developers/ 		163 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:28:47 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
RD1FHM3S3FE7T6FD
x-amz-cf-pop
FRA53-C1
age
16011
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
c4P0YXPAiRVPjygr1Qq3G30Hhlwv0bcr57www0wtR1rPskUhDLuakUih338MSXmrfzJHr+mYuaQ=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
M5qPNuD9hLl8Ue1zzYCD5zJ196cX-ninXNJ2rT4W6tgaOMuJoB5ikQ==
page-data.json
www.file.io/page-data/index/ 		154 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 05:57:19 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
TPWABNKCSQ722BGP
x-amz-cf-pop
FRA53-C1
age
14299
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
eLxuw6KgYuVPV4usKYcSbH3OMDUR/ULkW9e5XZwgro/Hc/5k3Q55soRl2od5tvxcn3VcoQMwgQw=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
R_20eK3J_YUEysaQal57zgGCyd0GSKdjE0Y0Ce_ECA5yG98cMlrpCQ==
page-data.json
www.file.io/page-data/login/ 		135 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:14:49 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
YYWS1C9YSXJBNJYR
x-amz-cf-pop
FRA53-C1
age
9648
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
yh16L4WLJ2v4z2gVn4wcJP7iSM9E+8QXnbgOxodKv8qqhafhrEHNy6yMAPjNjdaZ0RhfiFPDWpc=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
ByjFiMYhy7KFKU3KsMSnoaJGpt4xoNB_sihooXA8iWY3V01YW_d4vw==
component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
www.file.io/ 		0
170 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-developers-index-js-88530fefdd6fa17762c6.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 01:14:58 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
SX3CPSYDTGZ0K3PY
x-amz-cf-pop
FRA53-C1
etag
W/"80a59b6f64d0402abb9842573879e8fb"
age
981639
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Z-hDyvxr-cANKEZOqDL2PM9HvWL0iHHIX3yco65XvVaTUiGTLc6BJg==
x-amz-id-2
pf+yTZfP3Aj/Zsi/Apgj+ByQqkQ5Ww5Gle+QCfQISO4UHoR4R/TtFfst5FgR/sjW5R/l4pUq4vg=
component---src-pages-index-js-6f342476ad3d7376370b.js
www.file.io/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-index-js-6f342476ad3d7376370b.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 00:24:25 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
5HRVJR6RN3GQRH41
x-amz-cf-pop
FRA53-C1
etag
W/"a815a80bb57be2461e02b661e195f1f8"
age
1330273
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
DgyQ_fu9eIINE_phy4p6V_J2HzimYcxrENiHSQ3be0p4tghOYd9vKA==
x-amz-id-2
0rYiQJ55Lqz7L91hnQSFB3WcAdHrPPFWkw+Fm5p4FL4Be/DKZ7zJBqvlqfy2Vnww4j0O8TMh4QU=
component---src-pages-about-js-e796be312b3f5a0e66a9.js
www.file.io/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-e796be312b3f5a0e66a9.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:53:43 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:40 GMT
server
AmazonS3
x-amz-request-id
YMZE879JSN72EW6K
x-amz-cf-pop
FRA53-C1
etag
W/"9bb0618c91746ad73fe92abe83c168d2"
age
464515
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
-j7Iy_CcDcHXE83RUU2gZz0AhV6FAKZq7hb4sEz9KB78D59dGo1iRQ==
x-amz-id-2
Wqeasc1HmdP3RZrkW/URiVaK6WkLtrWJsc7u8rVP4g7GdrqqHPKUN40+nS5sDHofqwQL9oNGzFbZxjTj3ULf8Q==
component---src-pages-login-js-4334d2f9cc13bc6425f6.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-4334d2f9cc13bc6425f6.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 01:20:15 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:41 GMT
server
AmazonS3
x-amz-request-id
6PFA3DVX6F2FPVJQ
x-amz-cf-pop
FRA53-C1
etag
W/"5846b26616c0b2bb2d33c186d91ddb78"
age
808523
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
U-PP6tulswkfLxUaLVfvEDWp5ZJRdxEtwt4LpWMAFsimxidF4y0SFQ==
x-amz-id-2
16q2N077OIZKt0nOwf0u480bk1ex1hNmcb2Tx3VghU/JCi2ptAOlD5F+Qol6LWMo/wIh5M8a4Eo=
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 30 Jan 2023 09:55:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
397518
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:37 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=1rOiYHxrL0lBTUVURmptcjZORmFGQTBMNU5Xd0pFOHFUVDVHTWd4QmdQVUZ3cFFDTnZqdG94UHM2ZVBGcEl4TzNNbzFlc2NxenNQUFdRcEcvV3Y2UTR0bXhBZ29zWW1iTFVNL2Z2TlVlTWtBZ21Ob1hRMHlzTWpaRy9nU2...
340 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1rOiYHxrL0lBTUVURmptcjZORmFGQTBMNU5Xd0pFOHFUVDVHTWd4QmdQVUZ3cFFDTnZqdG94UHM2ZVBGcEl4TzNNbzFlc2NxenNQUFdRcEcvV3Y2UTR0bXhBZ29zWW1iTFVNL2Z2TlVlTWtBZ21Ob1hRMHlzTWpaRy9nU2podlJvRFphRG83eW54bjJhVXhKRE80QkI2S0huV0JVMmZDM3JSVURvMVNodERwRDFOMEhMczFhTnVoNW9QVlprcTh3NkZzTlNKYjRqMFFvcFJ2RzFzeXJ2WXl2TndkeHNQZTVJL2FRR3FaN01YbHJ1dm1NPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
219b7d784a6be7b4481d33ac15b61800b12fa51042b04dca3fada2a0c1b08479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1258820
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=1rOiYHxrL0lBTUVURmptcjZORmFGQTBMNU5Xd0pFOHFUVDVHTWd4QmdQVUZ3cFFDTnZqdG94UHM2ZVBGcEl4TzNNbzFlc2NxenNQUFdRcEcvV3Y2UTR0bXhBZ29zWW1iTFVNL2Z2TlVlTWtBZ21Ob1hRMHlzTWpaRy9nU2podlJvRFphRG83eW54bjJhVXhKRE80QkI2S0huV0JVMmZDM3JSVURvMVNodERwRDFOMEhMczFhTnVoNW9QVlprcTh3NkZzTlNKYjRqMFFvcFJ2RzFzeXJ2WXl2TndkeHNQZTVJL2FRR3FaN01YbHJ1dm1NPXw&cppv=2
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
611736
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
66eada1eb9787a8a6a32b834e2afd163608936438d4c7c854aa02e3879aef403

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 09:55:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 01 Mar 2023 09:55:38 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8A0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161802
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 30 Jan 2023 09:55:38 GMT
expires
Wed, 01 Feb 2023 06:52:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5A4B 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:38 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 446E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11434
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 30 Jan 2023 09:55:38 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
15, 70796
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230113-FRA
X-Timer
S1675072538.162914,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EE68 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161802
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 30 Jan 2023 09:55:38 GMT
expires
Wed, 01 Feb 2023 06:52:20 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 566F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11433
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 30 Jan 2023 09:55:38 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
15, 69987
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230028-FRA
X-Timer
S1675072538.162858,VS0,VE0
sync
eb2.3lift.com/ Frame 34C3 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:38 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AD7B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11433
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 30 Jan 2023 09:55:38 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 182350
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220040-HHN
X-Timer
S1675072538.164127,VS0,VE0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b89a5d20567fc2c1380a29f31ab247d50f3924b91dd620e2a7141f9115bf6cf3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ 		216 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
7390f30f66dee8a21b8af260f15b68b3b7e22032a1efa6cf898b218c388d4930
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Mon, 30 Jan 2023 09:55:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bounce
ib.adnxs.com/ Frame 446E
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:38 GMT
AN-X-Request-Uuid
8b7c2329-e615-4a16-9a4b-5ff2904e867a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:38 GMT
AN-X-Request-Uuid
633362f5-44b4-41c9-9194-62ec5747f614
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 566F
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:38 GMT
AN-X-Request-Uuid
8e9c3991-c573-418e-b3f6-33e1a3d286c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:38 GMT
AN-X-Request-Uuid
77927ade-9950-4204-95c4-74aedee5a759
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame AD7B
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:38 GMT
AN-X-Request-Uuid
acfdfaa7-a59e-4022-ac15-27e16e2be0ea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:38 GMT
AN-X-Request-Uuid
903b8854-b334-4605-8146-570f23b331d9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1rOiYHxrL0lBTUVURmptcjZORmFGQTBMNU5Xd0pFOHFUVDVHTWd4QmdQVUZ3cFFDTnZqdG94UHM2ZVBGcEl4TzNNbzFlc2NxenNQUFdRcEcvV3Y2UTR0bXhBZ29zWW1iTFVNL2Z2TlVlTWtBZ21Ob1hRMHlzTWpaRy9nU2podlJvRFphRG83eW54bjJhVXhKRE80QkI2S0huV0JVMmZDM3JSVURvMVNodERwRDFOMEhMczFhTnVoNW9QVlprcTh3NkZzTlNKYjRqMFFvcFJ2RzFzeXJ2WXl2TndkeHNQZTVJL2FRR3FaN01YbHJ1dm1NPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 30 Jan 2023 09:55:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
424803
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 146A 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 446E 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:39 GMT
AN-X-Request-Uuid
b6230f7b-b44a-4b08-9f19-32f270c14c18
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 566F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:39 GMT
AN-X-Request-Uuid
ca7e7c60-3646-42ef-bce5-dde7b694c168
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AD7B 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 09:55:39 GMT
AN-X-Request-Uuid
de1d9474-9268-4204-ac6d-0f5cf1448b3f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame ABC4 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88235775&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675072536156-954188294057-001153-000-008805%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:39 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame B1EF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53723978&p=161335&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e69948ac90ac5e01a7aa02e61c55bbfe60228cdc4772c2847b4c7886f5e73044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Jan 2023 09:55:38 GMT
content-length
2025
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6434 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16041890&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9569cf5dd17b1221fee65a4e501815e090e31d793388c2e092a248b870378ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame C4A6 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97786250&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9569cf5dd17b1221fee65a4e501815e090e31d793388c2e092a248b870378ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 798A 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6C76
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
5c21f586-5738-4583-bcae-fdf5e6af05c9
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 09:55:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame D965
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777738135692&gdpr=0&gdpr_consent=
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777738135692&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 30 Jan 2023 09:55:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777738135692&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 349B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JcActfvVRi150g-nemy_wiU6Ovc
42 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JcActfvVRi150g-nemy_wiU6Ovc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 09:55:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JcActfvVRi150g-nemy_wiU6Ovc
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 2C80
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADRUs6ygAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
160
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 30 Jan 2023 09:55:40 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
618
x-served-by
cache-fra-eddf8230104-FRA
x-timer
S1675072540.285107,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 30 Jan 2023 09:55:40 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADRUs6ygAF
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230104-FRA
x-timer
S1675072540.184871,VS0,VE93
Pug
image2.pubmatic.com/AdServer/ Frame D7B9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHbWYwN0hyeWdBQUI4Ymt1RUg5Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFaK07HrygAACBcxlwnTQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7418194950593606653&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFaK07HrygAACBcxlwnTQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7418194950593606653%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7418194950593606653&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFaK07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B1EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=atgHeE-fR8SjqU6PWm2FMQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=161800
accept-ranges
bytes
content-length
5554
expires
Wed, 01 Feb 2023 06:52:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f386cb86445fe071/gdpr=0/ Frame B1EF
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f386cb86445fe071/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f386cb86445fe071/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Protocol
H2
Server
34.252.135.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-135-184.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.55
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f386cb86445fe071/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame B1EF
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Mon, 30 Jan 2023 09:55:40 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
simage2.pubmatic.com/AdServer/ Frame B1EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=75bf4a3c-8054-40c6-b92b-3f8dae56a524&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B1EF 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame B1EF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
date
Mon, 30 Jan 2023 09:55:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame B1EF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B1EF 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6434
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=atgHeE-fR8SjqU6PWm2FMQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=161800
accept-ranges
bytes
content-length
5554
expires
Wed, 01 Feb 2023 06:52:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 1301 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=307f84046bf1db67/gdpr=0/ Frame 6434
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=307f84046bf1db67/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=307f84046bf1db67/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Protocol
H2
Server
34.252.135.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-135-184.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.138
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=307f84046bf1db67/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 6434
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Mon, 30 Jan 2023 09:55:40 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
simage2.pubmatic.com/AdServer/ Frame 0FE7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
55ff703a-0b9c-4c4a-bff7-a9a26f857b71
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 09:55:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6434
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084923545697175&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame F13F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737545875&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737545875&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 30 Jan 2023 09:55:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737545875&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6434 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 6434
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
date
Mon, 30 Jan 2023 09:55:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6434 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1EDF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9af3QhaYTkFY7nEz9KTZjCU6Ovc
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9af3QhaYTkFY7nEz9KTZjCU6Ovc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 09:55:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9af3QhaYTkFY7nEz9KTZjCU6Ovc
Pug
simage2.pubmatic.com/AdServer/ Frame 8AD9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9eUHAADQ8s6zAAF&gdpr=1&gdpr_consent=&_test=Y9eUHAADQ8s6zAAF
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9eUHAADQ8s6zAAF&gdpr=1&gdpr_consent=&_test=Y9eUHAADQ8s6zAAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 30 Jan 2023 09:55:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9eUHAADQ8s6zAAF&gdpr=1&gdpr_consent=&_test=Y9eUHAADQ8s6zAAF
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230104-FRA
x-timer
S1675072540.285359,VS0,VE0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6434 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 134C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFSLXhrN0hyeWdBQUJfMGY3TEFiZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFaK07HrygAACBcxlwnTQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5893617397444277031&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFaK07HrygAACBcxlwnTQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5893617397444277031%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5893617397444277031&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFaK07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
cookiesync
core.iprom.net/ Frame 39C8 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Jan 2023 09:55:40 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-5d681bc70eaa@version_1.534
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 668E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
791955514b97bba3-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
791955502926bba3-FRA
content-type
text/html
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
406
generic
match.adsrvr.org/track/cmf/ Frame 44B3
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675072540188
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=158198538
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=158198538
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 30 Jan 2023 09:55:40 GMT
etag
RX3807751a59dc47c38d8263acce7c9534003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=158198538
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame 4514 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame C09D
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 30 Jan 2023 09:55:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame 9D48 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame B33A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.135.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-135-184.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.0.34

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Pug
simage2.pubmatic.com/AdServer/ Frame 6434
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:17ca8222-a5d8-4e7a-9fd0-5bc7d00bf5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:17ca8222-a5d8-4e7a-9fd0-5bc7d00bf5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:17ca8222-a5d8-4e7a-9fd0-5bc7d00bf5eb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 6434
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8369655134954053058&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8369655134954053058&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8369655134954053058&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 6434
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 30 Jan 2023 09:55:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f0abdb67-53d7-4488-ac35-732ed4a524d1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C4A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=atgHeE-fR8SjqU6PWm2FMQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
173.223.112.191 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-112-191.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=161800
accept-ranges
bytes
content-length
5554
expires
Wed, 01 Feb 2023 06:52:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 41B3 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame C4A6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9583fadb25f29c6dee891e224e4d8cc6&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Mon, 30 Jan 2023 09:55:40 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
simage2.pubmatic.com/AdServer/ Frame 0E03
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
e335b440-8c79-4ce5-847e-d608830e3cf2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 09:55:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2065234573506573244&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685625986601802&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=762e955c-6d54-4709-958f-dd0bd571caff&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E95A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737152662&gdpr=0&gdpr_consent=
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737152662&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 30 Jan 2023 09:55:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194381777737152662&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C4A6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7Ztld2xE2uULUmGD0ZPbDXR9XCbC1I8-~A&gdpr=0
date
Mon, 30 Jan 2023 09:55:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame C4A6 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 75C7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-TRS6gr4SEF7zVEL1GjvWCU6Ovc
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-TRS6gr4SEF7zVEL1GjvWCU6Ovc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 09:55:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-TRS6gr4SEF7zVEL1GjvWCU6Ovc
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 3A98
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADItcg5wAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
160
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 30 Jan 2023 09:55:40 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
617
x-served-by
cache-fra-eddf8230104-FRA
x-timer
S1675072540.285026,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 30 Jan 2023 09:55:40 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9eUHAADItcg5wAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230104-FRA
x-timer
S1675072540.184940,VS0,VE92
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C4A6 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3B01
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGYUswN0hyeWdBQUNCY3hsd25UUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFaK07HrygAACBcxlwnTQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1876881905400050493&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFaK07HrygAACBcxlwnTQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1876881905400050493%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1876881905400050493&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFaK07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFaK07HrygAACBcxlwnTQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b7d8fdfd-624d-45e0-9eb5-d94c642ae01d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b7d8fdfd-624d-45e0-9eb5-d94c642ae01d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b7d8fdfd-624d-45e0-9eb5-d94c642ae01d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2460650948867251650&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2460650948867251650&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2460650948867251650&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiesync
core.iprom.net/ Frame 5F7E 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Jan 2023 09:55:40 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-81ecde95134f@version_1.534
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 0046
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
791955514b9abba3-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
791955502928bba3-FRA
content-type
text/html
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
174
Pug
simage2.pubmatic.com/AdServer/ Frame C4A6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 30 Jan 2023 09:55:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.58.247; 37.58.58.247; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
34bede11-0219-4465-b1ca-bd7c65359f5d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2065234573506573244
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4361
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1675072540188
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5727440244
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5727440244
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 30 Jan 2023 09:55:40 GMT
etag
RX3807751a59dc47c38d8263acce7c9534003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5727440244
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame 1B7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 30 Jan 2023 09:55:40 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame D84E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 30 Jan 2023 09:55:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame 2BD8 		43 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame 0C0F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.135.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-135-184.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:40 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.7.129

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
page-data.json
www.file.io/page-data/plans/ 		0
622 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:23:07 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
JB0N26782ND855P7
x-amz-cf-pop
FRA53-C1
age
1954
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
MdcH5Kdu4NROizX29BB3TnmrhWXznoJft8P0eDOQbjIvhSTL9oCo26ii4Iw9a5NvPqpoMqy4hj0=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
idFeMwMAiP1-xZFYU4Urvhw7NS2BralpXWNErvjzafGbLB407wUmBw==
page-data.json
www.file.io/page-data/signup/ 		0
623 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 08:24:41 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
BFKRKDGVSWP66EFP
x-amz-cf-pop
FRA53-C1
age
5460
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
fl6P6wQuRy6a7uPQ89+YbkLBZTbDtFWPFQ0/ERNaPG6U4WdxKJ0+xo6d687OPELJv/40NZyrH5Q=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
V9M-lGXvcLy2z8GAzjh26h-A3w1jR-b_GfsqKrHOt1JiZEyYCRRFbA==
page-data.json
www.file.io/page-data/plans/ 		141 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:23:07 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
JB0N26782ND855P7
x-amz-cf-pop
FRA53-C1
age
1954
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
MdcH5Kdu4NROizX29BB3TnmrhWXznoJft8P0eDOQbjIvhSTL9oCo26ii4Iw9a5NvPqpoMqy4hj0=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
X5m3NgRrmpbVhNg-izqtPVNANoT5URTfAfSiAViMAuxHzXe5-1t8qw==
page-data.json
www.file.io/page-data/signup/ 		137 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 08:24:41 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
x-amz-request-id
BFKRKDGVSWP66EFP
x-amz-cf-pop
FRA53-C1
age
5460
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
fl6P6wQuRy6a7uPQ89+YbkLBZTbDtFWPFQ0/ERNaPG6U4WdxKJ0+xo6d687OPELJv/40NZyrH5Q=
last-modified
Wed, 23 Nov 2022 15:26:45 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
dN5QGNWWPgfDMAp1ZCL8IYMbqaTMqQJptQaFGi2EfeBnjO1RIv_33w==
component---src-pages-plans-index-js-4d7d70651af058699199.js
www.file.io/ 		0
938 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-4d7d70651af058699199.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 07:05:45 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:42 GMT
server
AmazonS3
x-amz-request-id
MDNZ78PAKYGN2GDM
x-amz-cf-pop
FRA53-C1
etag
"66b96715a5faba1158fa14385302dc0f"
age
1997395
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
473
x-amz-id-2
aNRIPmIacfykqz2eIP9irJ40cLCc0hfGPItPqYJcS9tjpAXOtQYFems2MoLFO1aoRuuZgIdEDNQ=
x-amz-cf-id
Om7scAJa3vMaEtvro1_1R_drWrFv2YebObbCM2CDzeMOx4bb5MWyGw==
component---src-pages-signup-js-6276362a910cd31f83ca.js
www.file.io/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-6276362a910cd31f83ca.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:24:38 GMT
content-encoding
br
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 15:26:42 GMT
server
AmazonS3
x-amz-request-id
HRQG5ADC535VYYV0
x-amz-cf-pop
FRA53-C1
etag
W/"f532f8654ef9d6e2ccba95d194e45cc2"
age
207063
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
DFP04hs0dLjMpEp3l_o-WaP53GlG-8KXJYXY_6mZAKdqQvM0WfFV9Q==
x-amz-id-2
MGGzM4n1U0LXaBrkI/s8cUCGEjof//TugQVdnFbY+NWHxfasaZFXt4uQXZdLoMCOSwEqPSvhpS0=
track
track1.aniview.com/ Frame 411C 		0
93 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.file.io&rs=www.file.io&sid=35316&t=1675072536&cip=37.58.58.247&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=33d113346bf7359825e1da329e49d456&d63=33d113346bf7359825e1da329e49d456&aafaid=&proto=https&uid=1675072536156-954188294057-001153-000-008805&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.77&cb=27645098193&d39=&d65=IntentIQ&d66=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=37.58.58.247&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=625edad12c2bbd0fa201f6f6&AV_WIDTH=440&AV_HEIGHT=247
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.110.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-110-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Jan 2023 09:55:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C8A0 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40603281&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
727cd2a72d4f463aec87baea258430cb55318e66124728567745be1531ea89bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Jan 2023 09:55:40 GMT
content-length
1031
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame EE68 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96429272&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
727cd2a72d4f463aec87baea258430cb55318e66124728567745be1531ea89bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Jan 2023 09:55:41 GMT
content-length
1031
content-type
text/html; charset=UTF-8
bridge
cm.adgrx.com/ Frame FE06 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:41 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 1B13 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 29F8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
1 B
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 30 Jan 2023 09:55:41 GMT
expires
Sun, 29 Jan 2023 09:55:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
info2
uipglob.semasio.net/pubmatic/1/ Frame C8A0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:43 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:43 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C8A0 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
79195556f9b19b71-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame C8A0
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.203.53.149 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 09:55:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 30 Jan 2023 09:55:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ids
idsync.frontend.weborama.fr/ Frame C8A0
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4086358715
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:41 GMT
via
1.1 google
last-modified
Mon, 30 Jan 2023 09:55:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
date
Mon, 30 Jan 2023 09:55:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
info2
uipglob.semasio.net/pubmatic/1/ Frame EE68
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:43 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:43 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame EE68 		95 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:55:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
79195556f9b29b71-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame EE68
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.203.53.149 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 09:55:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 30 Jan 2023 09:55:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ids
idsync.frontend.weborama.fr/ Frame EE68
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1049187492
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 09:55:41 GMT
via
1.1 google
last-modified
Mon, 30 Jan 2023 09:55:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
date
Mon, 30 Jan 2023 09:55:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
bridge
cm.adgrx.com/ Frame 4E2B 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Jan 2023 09:55:41 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 40FC 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7943
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 09:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 30 Jan 2023 09:55:41 GMT
expires
Sun, 29 Jan 2023 09:55:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FFB15589DDA4460381CC818D6EA0AC11&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content1.avplayer.com
URL
https://content1.avplayer.com/6006a32f94a1ea4fe84a39a6/videos/625edad12c2bbd0fa201f6f6/625edb3e2d0dea26100d8f63/video.mp4?AV_TAGID=6374f8665f2f007d23421195&AV_TEMPID=62f50abe103ae32adf5785c8&cid=6374ee512c8ca8606841c0a8&pid=5f2063121d82c82557194737&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=636a37af05e5617b262a5a52&videoId=625edad12c2bbd0fa201f6f6
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=200&key=[RX_UUID]
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| gatsby_scroll_offset number| gatsby_scroll_duration object| __vm_add object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| __VM function| ym object| googletag object| Ya object| yaCounter90916604 object| aniviewRenderer object| ggeac object| google_js_reporting_queue object| sas object| apntag object| _ADAGIO undefined| google_measure_js_timing object| google_reactive_ads_global_state object| aniplayerPos object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| com function| _avcp object| GoogleGcLKhOms object| storageAni object| google_image_requests

100 Cookies

Domain/Path Name / Value
.file.io/ Name: _ga
Value: GA1.2.1166269738.1675072534
.file.io/ Name: _gid
Value: GA1.2.352518577.1675072534
.file.io/ Name: _gat
Value: 1
www.file.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.file.io/ Name: _ym_uid
Value: 167507253515543915
.file.io/ Name: _ym_d
Value: 1675072535
.file.io/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1855672569fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 255760980fake
.yahoo.com/ Name: A3
Value: d=AQABBBeU12MCEHl0O347RWeW_wFr8jin8QEFEgEBAQHl2GPhYwAAAAAA_eMAAA&S=AQAAAs9B8VM7n1gz8c3SFo-5kRE
mc.yandex.com/ Name: yabs-sid
Value: 162456771675072535
.yandex.com/ Name: i
Value: tBq4a1QrSP7pupXcL6AgDqmeZl03DZ5SKhYereUnm3MilHfFuTitoGlnF5syvpo9+nm2c01nv1keARkyugrBzrRVwZQ=
.yandex.com/ Name: yandexuid
Value: 6801282421675072535
.yandex.com/ Name: yuidss
Value: 6801282421675072535
.yandex.com/ Name: ymex
Value: 1706608535.yc.1675072535#1706608535.yrts.1675072535#1706608535.yrtsi.1675072535
.file.io/ Name: __gads
Value: ID=54f8675ea644f354:T=1675072535:S=ALNI_MY0q0vrhhg369ziDvxLk71p6TWqSA
.file.io/ Name: __gpi
Value: UID=00000bace6dc8cb8:T=1675072535:RT=1675072535:S=ALNI_MZpZH9OuCFKhtCyu8HJn40-n9-0Og
.doubleclick.net/ Name: IDE
Value: AHWqTUmWSHwG93ES7IYRlVVGoTFZp5Egcj3JA0-rLs7d5FVIqo5lNlgrrEntSuda0Z4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.aniview.com/ Name: aniC
Value:
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6AD80778-4F9F-47C4-A3A9-4E8F5A6D8531
.prebid.a-mo.net/ Name: __amc
Value: 3_1675072535_1675072536
.mathtag.com/ Name: uuid
Value: 0ae163d7-9419-4700-ba5e-1ce21f3ec24b
.simpli.fi/ Name: suid
Value: FFB15589DDA4460381CC818D6EA0AC11
.de17a.com/ Name: guid
Value: 1.4645871933401885513
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6936813945336792066
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&KRTB&16736-uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&KRTB&23019-uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b&KRTB&23114-uid:0ae163d7-9419-4700-ba5e-1ce21f3ec24b
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6936813945336792066&KRTB&23263-6936813945336792066
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.quantserve.com/ Name: d
Value: EP4BCwGWKPijAA
.quantserve.com/ Name: mc
Value: 63d79418-77f65-bfd55-34678
.ads.stickyadstv.com/ Name: UID
Value: ca4d4d6aa61fd63ee832d9dfac19eb
.rubiconproject.com/ Name: khaos
Value: LDIMXT2I-U-938I
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1p4TNCogc7rw6X1sjXRzPXV9LsQ47YKwx0YT+1CaHOq6cm+U5Ds+UY4HEYI5ehIrWxl8kqfVs3aNzpQ7vzkXQ/
.spotxchange.com/ Name: audience
Value: 3ea0dcaf-a084-11ed-afc2-141922060006
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4645871933401885513
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOqmO81e_TQjfcc1FsQh4hI&KRTB&22987-CAESEOqmO81e_TQjfcc1FsQh4hI&KRTB&23025-CAESEOqmO81e_TQjfcc1FsQh4hI&KRTB&23386-CAESEOqmO81e_TQjfcc1FsQh4hI
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT&KRTB&19420-x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT&KRTB&22979-x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT&KRTB&23403-x2YgOchhdTbcYnNox2BpbJcxcTvcZnA4xm2SrmdT
.technoratimedia.com/ Name: tads_uid
Value: GDPR
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 339e510c16f2d3fe
.amazon-adsystem.com/ Name: ad-id
Value: A6XjMZf8X0i_uWTYoj7T9bs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b2824924-194b-4570-8611-5286131be040"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzUwNzI1MzY7MjswMjHEKXMj4JnNfTiQiO69MNOuvuYir47RTDyLKwv3emcdpQ==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2793:u=1:x=1:i=1675072536:t=1675158936:v=2:sig=AQGKwJN3kZX-vQuR57BaJFjze49aG0WC"
www.file.io/ Name: _lr_retry_request
Value: true
www.file.io/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: uuid2
Value: 2065234573506573244
.file.io/ Name: cto_bundle
Value: YfAmB19BdGMlMkJjbnZpVVN5UUMybkFJRjdaZVpMSmR5R3VGSDhEQjNtbVlVQmxIclJDYnA2WG5pUWlnJTJGSnViSFNOajRNbXNvTTZyNks1dGlpbkdFSlBCJTJGUHRkMCUyRjJoa2NDTVpRVkROMzY5YzRkdzhnJTNE
.file.io/ Name: cto_bidid
Value: lE5VtV91Z2Fxa0ZnRzJTb2tCT0lQdSUyQjlHZDVtNWY5aWs4M2ZsM3k3WFA3NlhTRDhQYTZhWGxmN3BsY21GYiUyQjdBV1BKREhMQUwlMkJEMGR6ZCUyQkJMSE9Zems0Wmh3JTNEJTNE
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1676246400%3A201_197_219_221
.pubmatic.com/ Name: pi
Value: 159234:4
.pubmatic.com/ Name: SyncRTB3
Value: 1676332800%3A35%7C1675641600%3A223_2_15%7C1675900800%3A63%7C1677628800%3A203%7C1676246400%3A214_21_233_238_220_54_22_176_7_161_204_99_243_71_166_81_88_8_251_3_234_56_13_55
.bidswitch.net/ Name: c
Value: 1675072540
.bidswitch.net/ Name: tuuid_lu
Value: 1675072540
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~29pl
.bidswitch.net/ Name: tuuid
Value: 762e955c-6d54-4709-958f-dd0bd571caff
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2065234573506573244&KRTB&23339-2065234573506573244
.pubmatic.com/ Name: SPugT
Value: 1675072539
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: cookie
Value: b731067413f49a47
.onaudience.com/ Name: done_redirects161
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: c55f8d79-6f1e-4441-8586-a114f4c88b0f
.fiftyt.com/ Name: cs
Value: MTY3NTA3MjU0MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fO4IICJFNrqsU-fOGbX62PEaccAmUnDfltEaAKnajfIG
.adfarm1.adition.com/ Name: UserID1
Value: 7194381777737152662
.adsby.bidtheatre.com/ Name: __kuid
Value: b7d8fdfd-624d-45e0-9eb5-d94c642ae01d.444286540
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3807751a-59dc-47c3-8d82-63acce7c9534-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3AuuTzitLctVtz2vuSNAb_zCZT5y80rAum.hurpL9nPLHvd8pdIKpfDmAjd6n9K9SzNJU3brMr50Mg
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7194381777737152662&KRTB&23278-7194381777737152662&KRTB&23369-7194381777737152662
.turn.com/ Name: uid
Value: 2460650948867251650
.ctnsnet.com/ Name: cid_bf96c84890d94f68b8015da399ea0d0c
Value: 1
.ctnsnet.com/ Name: cid_7f4b4d4665b84dadb90fead7b24f4e88
Value: 1
.fiftyt.com/ Name: fppm
Value: 20230130095540
.fiftyt.com/ Name: fifid
Value: 99c4eddc-5c06-4788-7195-c7e0898098a3
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2460650948867251650&KRTB&23150-2460650948867251650
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y9eUHAADQ8s6zAAF
.onaudience.com/ Name: done_redirects200
Value: 1
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAFaK07HrygAACBcxlwnTQ
.scoota.co/ Name: tuuid
Value: 75bf4a3c-8054-40c6-b92b-3f8dae56a524
.scoota.co/ Name: c
Value: 1675072540
.scoota.co/ Name: tuuid_lu
Value: 1675072540
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-762e955c-6d54-4709-958f-dd0bd571caff
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5qYG5kamJgYmoAAAcjTgkQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrW0MDMzMLQwMBLiM9QtTC42iU-J0s2OMAkFAPC1h3IlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrW0MDMzMLQwMBLiM9QtTC42iU-J0s2OMAkFAPC1h3IlAAAA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFaK07HrygAACBcxlwnTQ
.smartadserver.com/ Name: pid
Value: 5893617397444277031
.onaudience.com/ Name: done_redirects147
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a4nseFSZdIiiSTnMSYlNinSI4fZaFg1q2ND8VSZdHZasO80nrkXCIRSEpQGaYt9cKOcuhXLvXlRkDW4mvnZcFoU5D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f93452ea-0af8-4841-7bcd-510bd468ef58.IbB%2BQeht%2BrJvaToN3zC4L6JRlixugMAYkdkvLyQOZhk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-TRS6gr4SEF7zVEL1GjvWCU6Ovc.3Wmj6SxcHOHnSwQkBqIqliRlM4y%2FXCnl%2Fo3SpBeVuY0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335--TRS6gr4SEF7zVEL1GjvWCU6Ovc&KRTB&23334--TRS6gr4SEF7zVEL1GjvWCU6Ovc&KRTB&23417--TRS6gr4SEF7zVEL1GjvWCU6Ovc&KRTB&23426--TRS6gr4SEF7zVEL1GjvWCU6Ovc
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFaK07HrygAACBcxlwnTQ
.pubmatic.com/ Name: PugT
Value: 1675072540

10 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9899.dWaXrpkYsXHJ2AXn1UtIJ567LQPyY_CChc6v81bz3PK2RFjLAsE8Oj5KLJekRaf_6ezZIoilC8dcuM7XMHtU1E77OQRsKZLTo5r6u8ZMvio%2C.2IOb_HmBqlwBetb0Kk6LTj1S33M%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.file.io/deleted/
Message:
Access to XMLHttpRequest at 'https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=200&key=[RX_UUID]' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https://sync.aniview.com/cookiesyncendpoint?auid=1675072536156-954188294057-001153-000-008805&biddername=200&key=[RX_UUID]
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEYAh2yFSLDQO0Af4mo5Guw&google_cver=1
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
javascript error URL: https://www.file.io/deleted/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=307f84046bf1db67/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f386cb86445fe071/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhTYbaUTWbYMWRgWT%2526gdpr%253D0%2526gdpr_consent%253D
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
aud.pubmatic.com
bh.contextweb.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cdn1.vntsm.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
content1.avplayer.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d1oykxszdrgjgl.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
e50cebfacb1b4bc0f18497a6f10fb44d.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
feed.avplayer.com
file.io
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
lexicon.33across.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mc.yandex.com
mc.yandex.ru
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
st.pubmatic.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
track1.aniview.com
track1.avplayer.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
web.ssp.yahoo.com
www.file.io
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
cm-supply-web.gammaplatform.com
content1.avplayer.com
sync.1rx.io
104.87.175.132
104.96.145.246
107.23.246.142
138.199.36.10
141.94.161.158
141.94.171.212
141.94.171.214
141.95.98.65
142.250.201.194
143.204.215.24
147.75.85.234
151.101.194.49
151.101.65.108
159.65.197.210
162.19.138.116
162.55.120.196
173.223.112.191
178.250.0.157
178.250.0.163
18.156.0.31
18.156.195.47
18.194.241.108
18.195.128.19
185.255.84.150
185.29.132.241
185.64.189.110
185.64.189.112
185.64.189.221
185.64.190.78
185.64.190.80
185.64.190.87
185.83.142.19
185.86.137.131
185.86.138.16
185.86.139.94
185.89.211.84
185.94.180.124
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.20
2.18.79.136
2001:678:cb4:bbbb::11
213.155.156.180
213.19.147.45
2400:52e0:1e00::1078:1
2600:1901:0:8344::
2600:9000:2057:fe00:0:1651:6140:21
2603:c020:400d:3000:d7b5:8a93:2d80:f113
2606:4700:10::ac43:2483
2606:4700:10::ac43:db6
2606:4700:20::681a:246
2606:4700:20::ac43:4bf1
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:830::200e
2a00:1450:400d:803::2001
2a00:1450:400d:80c::2004
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9b
2a02:2638::1c
2a02:26f0:3500:c::5c7b:6822
2a02:6b8::1:119
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27
3.64.134.215
3.68.23.185
34.102.253.54
34.111.129.221
34.111.131.239
34.252.135.184
34.95.69.49
34.98.64.218
35.186.193.173
35.201.96.126
35.204.158.49
35.214.223.115
35.71.131.137
37.157.3.30
44.205.120.122
44.209.110.138
51.89.9.252
52.0.141.180
52.202.226.14
52.203.53.149
52.209.54.253
52.28.203.152
52.31.12.122
52.31.186.144
52.46.155.104
54.229.240.67
54.239.38.253
54.78.254.47
54.80.246.179
63.251.232.170
69.16.175.10
69.16.175.42
69.173.144.138
72.251.249.9
76.223.111.18
77.243.60.138
8.43.72.98
85.114.159.93
98.98.134.243
04b87102f0b7cc4f673cbe953d23fa244d5a57603c128d89e8b699dadf85a211
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19358326caaeb1ae753c10b461bdd9a6ea351654ed4608a643f2e85ff4a77959
1d3c9f410a52c208629d43a8ac807e29a7c24af63016e5f218fc2353401c0a76
1d3f046c7bfd5e811eb5f1427f39da44c93c378c535ae46f48067c88b7e1efc7
1dbfeb07cd50a1857b9576b5415f8a4c6ef010279666f39448fa0aa125d433b7
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
1f7d1013b0f425c1e214104299653258e0e220ebf9d6afe9c949062f245631b1
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
219b7d784a6be7b4481d33ac15b61800b12fa51042b04dca3fada2a0c1b08479
26e634f65b75da69fdda18faae1c3cbca9e4e9b9b6249386c716bd22e509eebc
28594bbf0b03e8fcfdb222e167617ea75fd944a8bffdefd86356b0833658e235
288db5036ac603d7fce1f3427d1e84733982a15cc47cb9249f2c75f4b1e45887
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d88d82511ab89592c0b15bed99021980ed270478012110d399050d4a16aac25
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4a182f95bcce3716c6a9580fa8bd94a35c256172550cb7f39a4a27e4d5505d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32856279123c68f5f0314a669a9305e9a7227b96f45b311fe8caf6e632cfaecf
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
379b728a2adf1606b2fbcb23861cc2daeb7f95fba9bdbc49162fcd4716253581
37b63ae3b2798d7f8c1fce2428a2d23d6617dcace9573557b3a29150782cb1b0
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eae67948d40ba7e48ffcdc4f534d48bcae6f98e5d1fc77afa1c7e931462772f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474d6a7493f88db6d3e1ba313270bcd9d561b94f91d30dcffacfd7fa065440c6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7718a15765c2c4f0ceda30c89b855b11268cc8e88068b7ccfa3687c0224b93
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
4fd1c46f56830d4a0ccfc36425d7d477cc2ffd0afc53d52fa60371ebea307dc5
4fde17f51a8bc827005be42da22c2d825454440af4fe99fcf5dc03f06f4c80a2
5467779bb4c774feb582e4066d9bc4d4f7798fed06a721ef5ab2e527ac4dcfbe
5485f7c109c1e517093f2b972c6cae2deebbb0e998691d0f3143ccaa2c705a63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5521874c37ed12464dedc6b69a7cf449bcce25ed0c93bf64ee2908ad9abb65e3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c7d82278a8071ddf81a2b724897239f3bca0da1558ee394110c2fa3685a1d66
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
6401dd6a5003b1d2015c92d9e3de73642c3b353833829ad13bbdfb5eaf4ef78b
66eada1eb9787a8a6a32b834e2afd163608936438d4c7c854aa02e3879aef403
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5
6874ae9768713bc153ca59dbb900d5b69e3169878b19a386aa53468beac8e531
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f368aa8ed1ff20a7f45f67285eb393b6b164a71826955217eaac1aa54c31980
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
7082ee3172433ac226c8eac865683c8c1861dd01e7fab4bf9c034b82a605abf5
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
727cd2a72d4f463aec87baea258430cb55318e66124728567745be1531ea89bf
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
738f71066bfaee46ca77395f9b9bc7ef41fc7bc037c58c6cf2c845c3c16f66f2
7390f30f66dee8a21b8af260f15b68b3b7e22032a1efa6cf898b218c388d4930
749bfb9120cf715ec4345dac709b503c78d1c3d97ad212547e1defc8a055643f
74a6eea50d9d4170808b5ad80ab205cb48bce5db1ef3be4e72ca45ea209d9bc8
7a26780461fa5b189686ca3891aeed135a2c599eecb4d1c80a6b0f3b2e91bf55
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
8b168560168b9aef52b885fa8740f55db537de961cc6ac00462e1576d25b95bc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e64ece70e36a6959f180c175b0bfee4d46960579cb7e56d19fdeb4839d4c9d1
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
9569cf5dd17b1221fee65a4e501815e090e31d793388c2e092a248b870378ca2
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ca6765abac5f29b7e77219a3a7fff9109abbda13ecad8711cc895d89ba8e2ec
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9e265ad847e27c8625bcfa4a9b7dc5c25a2e6b81fb88b0a18d9e3342ddb1f884
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d8022da4a5d9d93dc21f779bb4ac8f8e2f2b2ba9c7c4b9a08d4c7f122b8c1c
a1dc61a1ec299faace8c3bdc4de4993df47b4ac8e513c15cb0da57ecd8eb4681
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a3e48b35ef959083f745588a50a32c176af4bac3c37d106babb70d4f4215559a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54cc829e9e54c97f61adab5c35ac3225b179b11a792a91f49022d1db7b9b9aa
aa92025db7d6e619e6251e77dd26f5266bd18bdb3cd110b06b4ac6250762dc92
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8f0560cfb3454b16571917355e9d4c7314f4bc0a8d866851c3efa5a72db629
b2ad6306a9b60dabd28e33d3d4c623276076c9341c162561c2abd23d12461aaa
b429a2cc9ff16c152674cf66e0fc48e5e356fd8e9ef154c31e5cdf890c51238a
b89a5d20567fc2c1380a29f31ab247d50f3924b91dd620e2a7141f9115bf6cf3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb386b4289ffa2aa281003e2b0b117747da67593eb6d6fd6564f88351b7593da
beef9a37e3f19f8cd09b62edbb5b98f94a8f8feb50d5ba5823061f21224c268a
c03c1b18c1718f5cc9f186a87574a6692eb056295bbb55db492f2ee1b3967c46
c0e5b4c77b8497040fa489ad67dfd0d9b86e22d7b634234fcd1df58a03195a7c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c56962a3224e277153ee311a8017c0446ffb272d9f68bb0893700a3d9218fd70
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a88f9b9cc40fdb1097ff2a759fb2175927c6cf67bd1e885da000d8969799ee
cac67af0d29938a7154913246d0c213da39b0cea16f6d152d9ad72628d7a0519
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
ceb24d9bf634b034bc20d2321e7c4cf29d2b82572754612308e02bfa7a43a79f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d7644bc819a01d32c6850d97e70779351138612c2cb63af9a95cc048441170a7
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d84f631154065af94f16866b7434f9a00a54ca2711c237a9e648253ce23e76ba
d8cb7fbdd1d95c5e5945676dab0a6572eea9ac679815e863e3c1a25abe149769
db0b1156487f684eed9b5e2c91e5c9fd79ca1bc191a5eea01d422ef4a5e9b437
dcc84ca2069873bf863e0b36e587fd75731d689301e628c13156550f61689722
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e0b10948c8f8424409e72354023bb956d7a6d000840271dae5bcc642c73906d3
e18cb430d37779613b30d164a96b6f76a1a2d58887a732f1fd7df440805cf2ba
e24135f7c7b26e267e3186ce8163f78e9a5bfc95a8715e649b9f1fc186b82dc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4323924254159e56d02d83c053a8173c40086d0665c4c274f9fa302c8f4559b
e69948ac90ac5e01a7aa02e61c55bbfe60228cdc4772c2847b4c7886f5e73044
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9fd988104e4ebf553b7586262df3f0cf443220ae2ac22034cca06906076dd90
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec350dbc6117aa7cbe6795c6dc5697e26a6e936ba871a2266a1422f52e131a7a
ec723a0e6ead648aa6e71f9c4b3742c6f5ccfdae32201483ccc27c1eb44fde66
ec9db248d8e4622ec4c1a7fccbe721f8f8afc922a0ed873a2f2a15cbef344733
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eef6e8f2135553b6ba83a46919cb260534818b61b493b4b2e7e87e35a93078fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe2ad676e290b1cdbbb28a8ccac7459c7c9b18d61cd15ecc141a1ebb8970853
f6adc8d1333d3210036fb1f70540db20bce7b2540a199635eda879d05002e8c9
f78b804125d36b1a1c502fc0bc1aae64f96ade1ee9a773ba5def5b80804094ce
fb2a3185b8a550b167ef6b3a84e7820b82de0f0d51acd770e62cf0e83c655f57
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc02fcb07ebfd4d72bffee96134897bccab2ed814c7105a7519a5c2de4e1aa7c
ffe79e95ec3459895b737c8734438de45f61c84e8ad001fff0547a6aa470bfd2