urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
13.224.189.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://file.io/BiEhsiVZvPqt
Effective URL: https://www.file.io/deleted
Submission: On October 04 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 113 IPs in 13 countries across 106 domains to perform 464 HTTP transactions. The main IP is 13.224.189.97, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 25th 2023. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.231.5.229 14618 (AMAZON-AES)
41 13.224.189.97 16509 (AMAZON-02)
3 151.139.128.10 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
2 2600:9000:212... 16509 (AMAZON-02)
1 65.9.95.30 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
4 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 65.9.93.173 16509 (AMAZON-02)
5 34.120.111.33 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 18.200.130.91 16509 (AMAZON-02)
1 3 54.229.130.135 16509 (AMAZON-02)
5 185.64.189.112 62713 (AS-PUBMATIC)
6 185.86.139.85 201081 (SMARTADSE...)
2 18.185.181.121 16509 (AMAZON-02)
2 69.166.1.32 27630 (AS-XFERNET)
1 3 145.40.97.67 54825 (PACKET)
3 8 37.252.172.123 29990 (ASN-APPNEX)
22 104.18.43.178 13335 (CLOUDFLAR...)
1 185.255.84.150 200271 (IGUANE-)
4 35.157.200.21 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
44 2a00:1450:400... 15169 (GOOGLE)
2 12 52.94.222.140 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
10 69.16.175.42 20446 (STACKPATH...)
9 44.198.90.67 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 162.19.138.83 16276 (OVH)
6 8 18.184.148.2 16509 (AMAZON-02)
2 51.89.9.253 16276 (OVH)
6 7 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
6 23.35.229.251 16625 (AKAMAI-AS)
4 6 185.86.139.101 201081 (SMARTADSE...)
1 1 185.255.84.152 200271 (IGUANE-)
2 4 76.223.111.18 16509 (AMAZON-02)
6 162.19.138.120 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:e60... 20940 (AKAMAI-ASN1)
12 20 69.173.144.165 26667 (RUBICONPR...)
15 19 142.250.185.66 15169 (GOOGLE)
2 2 91.210.226.72 48314 (IP-PROJECTS)
2 2 89.163.240.122 24961 (MYLOC-AS ...)
12 3.33.220.150 16509 (AMAZON-02)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 44.218.84.96 14618 (AMAZON-AES)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 209.54.182.161 16509 (AMAZON-02)
8 8 52.211.174.80 16509 (AMAZON-02)
6 7 3.75.62.37 16509 (AMAZON-02)
1 23.48.23.29 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
8 23.213.164.238 16625 (AKAMAI-AS)
2 185.64.190.89 62713 (AS-PUBMATIC)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 52.206.108.195 14618 (AMAZON-AES)
2 2 178.250.7.11 44788 (ASN-CRITE...)
2 2 52.45.228.151 14618 (AMAZON-AES)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 185.86.139.59 201081 (SMARTADSE...)
3 5.196.111.65 16276 (OVH)
5 216.58.206.34 15169 (GOOGLE)
1 2 35.186.194.101 15169 (GOOGLE)
1 23.213.165.82 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
8 185.64.190.78 62713 (AS-PUBMATIC)
11 185.64.191.210 62713 (AS-PUBMATIC)
12 198.47.127.205 62713 (AS-PUBMATIC)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
3 4 37.157.6.237 198622 (ADFORM)
6 185.64.190.81 62713 (AS-PUBMATIC)
8 14 193.108.153.23 20940 (AKAMAI-ASN1)
7 44.217.2.23 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 63.251.14.14 14744 (INTERNAP-...)
1 1 23.212.211.47 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
1 1 54.237.21.81 14618 (AMAZON-AES)
1 216.52.2.86 32475 (SINGLEHOP...)
3 35.156.50.67 16509 (AMAZON-02)
3 69.173.144.137 26667 (RUBICONPR...)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 184.30.20.22 16625 (AKAMAI-AS)
4 18.197.170.218 16509 (AMAZON-02)
2 3 151.101.130.49 54113 (FASTLY)
5 7 52.202.131.94 14618 (AMAZON-AES)
1 1 3.69.181.172 16509 (AMAZON-02)
2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 2600:1901:0:8... 15169 (GOOGLE)
2 151.101.129.108 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
3 3 193.0.160.130 54312 (ROCKETFUEL)
6 69.166.1.66 27630 (AS-XFERNET)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
2 2 3.120.6.97 16509 (AMAZON-02)
1 1 52.2.79.180 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 37.157.3.26 198622 (ADFORM)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 34.249.114.3 16509 (AMAZON-02)
1 3.76.141.3 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 51.68.39.188 16276 (OVH)
1 1 35.214.190.171 15169 (GOOGLE)
2 3 54.217.255.105 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
2 2 98.98.134.242 21859 (ZEN-ECN)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 82.145.213.8 39832 (NO-OPERA)
2 63.251.232.170 32475 (SINGLEHOP...)
2 35.186.193.173 15169 (GOOGLE)
3 3 213.155.156.182 1299 (TWELVE99 ...)
2 195.5.165.20 44968 (IPROM-AS)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.234.75.193 14618 (AMAZON-AES)
1 1 141.94.242.226 16276 (OVH)
2 2 141.94.171.213 16276 (OVH)
1 23.88.86.2 24940 (HETZNER-AS)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.171.212 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
464 113
1    34.231.5.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-5-229.compute-1.amazonaws.com
file.io
41    13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net
www.file.io
3    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
hb.vntsm.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2600:9000:2127:e000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    65.9.95.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-30.prg50.r.cloudfront.net
config.aps.amazon-adsystem.com
3    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2127:7400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    65.9.93.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-93-173.prg50.r.cloudfront.net
aax.amazon-adsystem.com
5    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
api.edkt.io
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    18.200.130.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-130-91.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
3    54.229.130.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-130-135.eu-west-1.compute.amazonaws.com
ad.360yield.com
ad2.360yield.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    185.86.139.85 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    18.185.181.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-181-121.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    69.166.1.32 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
22    104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
4    35.157.200.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-200-21.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
44    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
12    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
11    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com
tpc.googlesyndication.com
10    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
tg1.aniview.com
feed.avplayer.com
player.avplayer.com
play.aniview.com
content1.avplayer.com
9    44.198.90.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-90-67.compute-1.amazonaws.com
track1.aniview.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
8    18.184.148.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a02:26f0:e600:584::2c79 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
20    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
19    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    91.210.226.72 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
2    89.163.240.122 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm45.as.net
cm.adsafety.net
12    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    2a02:26f0:7100::1720:eee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    44.218.84.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-84-96.compute-1.amazonaws.com
go1.aniview.com
3    2a05:d018:d29:3605:de3d:8205:f74c:2062 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    52.211.174.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-174-80.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
7    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.48.23.29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-29.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:2251:f600:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
17    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    52.206.108.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-108-195.compute-1.amazonaws.com
sync.ipredictive.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    52.45.228.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-228-151.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    2a02:26f0:480:15::213:7e50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
1    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
itx4.smartadserver.com
3    5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu
www14.smartadserver.com
5    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
1    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
11    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
12    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
6    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
14    193.108.153.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    44.217.2.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-2-23.compute-1.amazonaws.com
sync.aniview.com
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: 14.14.251.63.unassigned.ord.singlehop.net
ap.lijit.com
1    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    54.237.21.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-21-81.compute-1.amazonaws.com
ssp.disqus.com
1    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    35.156.50.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-50-67.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
3    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
4    18.197.170.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-170-218.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    52.202.131.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-131-94.compute-1.amazonaws.com
a.audrte.com
1    3.69.181.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-172.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    3.120.6.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-6-97.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    52.2.79.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-79-180.compute-1.amazonaws.com
nep.advangelists.com
2    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
pubmatic-match.dotomi.com
3    34.249.114.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-114-3.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    3.76.141.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-141-3.eu-central-1.compute.amazonaws.com
crb.kargo.com
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    51.68.39.188 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    35.214.190.171 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 171.190.214.35.bc.googleusercontent.com
csync.loopme.me
3    54.217.255.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    3.234.75.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-75-193.compute-1.amazonaws.com
track1.avplayer.com
1    141.94.242.226 (France)

ASN16276 (OVH, FR)
PTR: bixel-3.cloudy.ovh
green.erne.co
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel-eu.onaudience.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
52 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
ads.pubmatic.com — Cisco Umbrella Rank: 837
st.pubmatic.com — Cisco Umbrella Rank: 1525
image6.pubmatic.com — Cisco Umbrella Rank: 1171
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
image4.pubmatic.com — Cisco Umbrella Rank: 1978
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
115 KB
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
315 KB
42 file.io
file.io — Cisco Umbrella Rank: 442756
www.file.io
1 MB
41 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
300 KB
35 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5915
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1711
50 KB
25 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 12724
track1.aniview.com — Cisco Umbrella Rank: 2842
player.aniview.com — Cisco Umbrella Rank: 2710
play.aniview.com — Cisco Umbrella Rank: 23531
go1.aniview.com — Cisco Umbrella Rank: 7540
sync.aniview.com — Cisco Umbrella Rank: 2660
322 KB
22 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 6936
30 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
81 KB
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
407 KB
16 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2163
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
itx4.smartadserver.com — Cisco Umbrella Rank: 13562
www14.smartadserver.com — Cisco Umbrella Rank: 37455
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
41 KB
14 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
10 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
4 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
acdn.adnxs.com — Cisco Umbrella Rank: 960
41 KB
9 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 20639
player.avplayer.com — Cisco Umbrella Rank: 15509
content1.avplayer.com — Cisco Umbrella Rank: 22805
track1.avplayer.com — Cisco Umbrella Rank: 18287
375 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
2 KB
8 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1680
match.sharethrough.com — Cisco Umbrella Rank: 876
3 KB
8 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3687
sync.go.sonobi.com — Cisco Umbrella Rank: 1592
7 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
4 KB
7 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 640
2 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
32 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
cm.adform.net — Cisco Umbrella Rank: 1654
3 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
9 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
294 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
3 KB
5 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 29535
api.edkt.io — Cisco Umbrella Rank: 25390
9 KB
5 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4264
prebid-match.dotomi.com — Cisco Umbrella Rank: 3475
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
2 KB
4 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 28413
645 B
4 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2364
a.ad.gt — Cisco Umbrella Rank: 2797
5 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662
104 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4098
spl.zeotap.com — Cisco Umbrella Rank: 3966
1 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527
pixel.onaudience.com — Cisco Umbrella Rank: 3680
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
782 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
1 KB
3 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 6648
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
3 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
951 B
3 openx.net
u.openx.net — Cisco Umbrella Rank: 1024
rtb.openx.net — Cisco Umbrella Rank: 1029
838 B
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313
811 B
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
367 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1002
ad2.360yield.com — Cisco Umbrella Rank: 15090
697 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
cms.quantserve.com — Cisco Umbrella Rank: 1260
10 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
www.google.com — Cisco Umbrella Rank: 11
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 32963
296 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
1 KB
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
554 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
653 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
563 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
499 B
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1476
14 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1698
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
701 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
9 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
ce.lijit.com — Cisco Umbrella Rank: 1486
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 6764
871 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
2 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3626
apps.sascdn.com — Cisco Umbrella Rank: 8449
14 KB
2 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 16085
3 KB
2 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 19826
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 8843
483 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
952 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
1021 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
993 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2260
26 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2175
104 B
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2808
46 KB
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3498
45 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
151 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
463 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 11001
1 erne.co
green.erne.co — Cisco Umbrella Rank: 27364
412 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
226 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4515
566 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
524 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 2259
292 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 5554
185 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 481
690 B
1 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com — Cisco Umbrella Rank: 719
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2332
247 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4376
595 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
600 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2443
403 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4449
400 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
500 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
502 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 2263
480 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
648 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
1 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2416
10 KB
1 google.ch
www.google.ch — Cisco Umbrella Rank: 18208
408 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1963
955 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 37563
663 B
0 inmobi.com Failed
sync.inmobi.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
464 106
Domain Requested by
41 www.file.io www.file.io
cadmus.script.ac
hb.vntsm.com
static.cloudflareinsights.com
39 pagead2.googlesyndication.com cadmus.script.ac
hb.vntsm.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.file.io
s0.2mdn.net
22 elb.the-ozone-project.com hb.vntsm.com
cadmus.script.ac
elb.the-ozone-project.com
www.file.io
ads.stickyadstv.com
ads.pubmatic.com
static.cloudflareinsights.com
onetag-sys.com
19 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
17 s0.2mdn.net www.file.io
s0.2mdn.net
14 ads.stickyadstv.com 8 redirects www.file.io
player.aniview.com
elb.the-ozone-project.com
12 image2.pubmatic.com ads.pubmatic.com
www.file.io
elb.the-ozone-project.com
12 pixel.rubiconproject.com 6 redirects
12 match.adsrvr.org googleads.g.doubleclick.net
aax-eu.amazon-adsystem.com
www.file.io
player.aniview.com
hb.vntsm.com
ads.stickyadstv.com
ads.pubmatic.com
12 aax-eu.amazon-adsystem.com 2 redirects cadmus.script.ac
aax-eu.amazon-adsystem.com
ads.pubmatic.com
11 simage2.pubmatic.com ads.pubmatic.com
www.file.io
elb.the-ozone-project.com
10 tpc.googlesyndication.com cadmus.script.ac
www.file.io
s0.2mdn.net
9 track1.aniview.com player.aniview.com
9 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
www.file.io
8 image6.pubmatic.com ads.pubmatic.com
8 ads.pubmatic.com www.file.io
cadmus.script.ac
elb.the-ozone-project.com
8 match.prod.bidr.io 8 redirects
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 x.bidswitch.net 6 redirects
7 a.audrte.com 5 redirects elb.the-ozone-project.com
7 sync.aniview.com www.file.io
ads.pubmatic.com
7 ups.analytics.yahoo.com 6 redirects www.file.io
6 sync.go.sonobi.com
6 player.aniview.com www.file.io
6 googleads.g.doubleclick.net cadmus.script.ac
6 id5-sync.com hb.vntsm.com
player.aniview.com
6 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
www.file.io
6 ib.adnxs.com 1 redirects hb.vntsm.com
acdn.adnxs.com
6 prg.smartadserver.com hb.vntsm.com
player.aniview.com
5 simage4.pubmatic.com ads.pubmatic.com
5 googleads4.g.doubleclick.net www.file.io
5 www.googletagservices.com cadmus.script.ac
www.file.io
5 sync.1rx.io 5 redirects
5 hbopenbid.pubmatic.com hb.vntsm.com
player.aniview.com
4 match.sharethrough.com
4 rtb-csync.smartadserver.com 3 redirects
4 content1.avplayer.com
4 eb2.3lift.com 2 redirects cadmus.script.ac
4 btlr.sharethrough.com hb.vntsm.com
4 track.venatusmedia.com hb.vntsm.com
4 secure.cdn.fastclick.net www.file.io
secure.cdn.fastclick.net
cadmus.script.ac
3 d5p.de17a.com 3 redirects
3 sync.crwdcntrl.net 2 redirects elb.the-ozone-project.com
3 ads.avct.cloud 3 redirects
3 bh.contextweb.com 3 redirects
3 p.rfihub.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 bidder.criteo.com player.aniview.com
3 prebid-server.rubiconproject.com player.aniview.com
3 optimized-by.rubiconproject.com www.file.io
3 c1.adform.net 2 redirects ads.pubmatic.com
3 www14.smartadserver.com www.file.io
3 s.amazon-adsystem.com 1 redirects
3 pr-bh.ybp.yahoo.com 2 redirects elb.the-ozone-project.com
3 lb.eu-1-id5-sync.com hb.vntsm.com
player.aniview.com
3 player.avplayer.com cadmus.script.ac
hb.vntsm.com
3 prebid.a-mo.net 1 redirects hb.vntsm.com
3 cdn.edkt.io cadmus.script.ac
cdn.edkt.io
3 id.hadron.ad.gt hb.vntsm.com
3 c.amazon-adsystem.com hb.vntsm.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.file.io
3 hb.vntsm.com www.file.io
hb.vntsm.com
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 pixel-eu.onaudience.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 core.iprom.net ads.pubmatic.com
2 ipac.ctnsnet.com ads.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
2 t.adx.opera.com 2 redirects
2 rtb.openx.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects elb.the-ozone-project.com
2 prebid-match.dotomi.com 2 redirects
2 cm.adform.net 2 redirects
2 static.cloudflareinsights.com elb.the-ozone-project.com
www.file.io
2 rtb.mfadsrvr.com 2 redirects
2 creativecdn.com 2 redirects
2 acdn.adnxs.com cadmus.script.ac
2 gum.criteo.com hb.vntsm.com
2 api.edkt.io cadmus.script.ac
2 secure.adnxs.com 2 redirects
2 um.simpli.fi 1 redirects www.file.io
2 fonts.googleapis.com s0.2mdn.net
www.file.io
2 ad.sxp.smartclip.net 1 redirects googleads.g.doubleclick.net
2 sync.srv.stackadapt.com 2 redirects
2 dis.criteo.com 2 redirects
2 pixel.tapad.com 1 redirects
2 st.pubmatic.com www.file.io
2 cm.adsafety.net 2 redirects
2 ads.smartstream.tv 2 redirects
2 ssbsync.smartadserver.com 1 redirects www.file.io
2 ad.turn.com 2 redirects
2 onetag-sys.com aax-eu.amazon-adsystem.com
www.file.io
2 apex.go.sonobi.com hb.vntsm.com
2 tlx.3lift.com hb.vntsm.com
2 ad.360yield.com hb.vntsm.com
2 script.4dex.io cadmus.script.ac
2 aax.amazon-adsystem.com hb.vntsm.com
2 i.clean.gg hb.vntsm.com
2 cadmus.script.ac hb.vntsm.com
cadmus.script.ac
2 cmp.quantcast.com hb.vntsm.com
cmp.quantcast.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com www.file.io
www.googletagmanager.com
1 ads.playground.xyz 1 redirects
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 track1.avplayer.com player.avplayer.com
1 s.tribalfusion.com ads.pubmatic.com
1 ad2.360yield.com 1 redirects
1 usermatch.targeting.unrulymedia.com elb.the-ozone-project.com
1 csync.loopme.me 1 redirects
1 dsp.nrich.ai 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 crb.kargo.com
1 nep.advangelists.com 1 redirects
1 c.bing.com
1 idsync.rlcdn.com
1 lexicon.33across.com hb.vntsm.com
1 1f2e7.v.fwmrm.net 1 redirects
1 dmp.adform.net 1 redirects
1 contextual.media.net www.file.io
1 pixel-us-east.rubiconproject.com 1 redirects
1 prebid.media.net player.aniview.com
1 ce.lijit.com www.file.io
1 ssp.disqus.com 1 redirects
1 u.openx.net www.file.io
1 secure-assets.rubiconproject.com 1 redirects
1 ap.lijit.com www.file.io
1 sync.technoratimedia.com 1 redirects
1 image4.pubmatic.com www.file.io
1 cms.quantserve.com 1 redirects
1 ad.yieldlab.net googleads.g.doubleclick.net
1 itx4.smartadserver.com cadmus.script.ac
1 apps.sascdn.com cadmus.script.ac
1 sync.ipredictive.com 1 redirects
1 live.primis.tech
1 hb.yahoo.net
1 px.ads.linkedin.com
1 go1.aniview.com hb.vntsm.com
1 ced-ns.sascdn.com www.file.io
1 pixel-eu.rubiconproject.com 1 redirects
1 play.aniview.com
1 visitor.omnitagjs.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 www.google.com cadmus.script.ac
1 feed.avplayer.com hb.vntsm.com
1 tg1.aniview.com cadmus.script.ac
1 3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com cadmus.script.ac
1 a.ad.gt cadmus.script.ac
1 hb-api.omnitagjs.com hb.vntsm.com
1 proc.ad.cpe.dotomi.com hb.vntsm.com
1 pixel.quantserve.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com www.file.io
1 cdn.hadronid.net www.file.io
1 secure.quantserve.com cmp.quantcast.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.google.ch www.file.io
1 ad-delivery.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
1 file.io 1 redirects
0 sync.inmobi.com Failed www.file.io
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 match.bnmla.com Failed
0 api.rlcdn.com Failed hb.vntsm.com
464 172
Subject Issuer Validity Valid
*.file.io
Amazon RSA 2048 M01		 2023-01-25 -
2024-02-23		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-07 -
2024-08-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
cmp.quantcast.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
api.edkt.io
GTS CA 1D4		 2023-09-27 -
2023-12-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
the-ozone-project.com
E1		 2023-08-28 -
2023-11-26		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
*.avplayer.com
GeoTrust TLS RSA CA G1		 2023-08-14 -
2024-09-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.prod.euc1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-13 -
2023-12-12		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 103 frames:

Primary Page: https://www.file.io/deleted
Frame ID: CB777DC450928D4F39EAFA99786E4C04
Requests: 167 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 05CD85C4B409FAA1F15F19BC5E722765
Requests: 1 HTTP requests in this frame

Frame: https://cdn.edkt.io/check/prober.html
Frame ID: 61E914514E6F7D62D0ADA7DAC092AEA5
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
Frame ID: F15287B85FEAB15903ACD10D14CE0FD1
Requests: 1 HTTP requests in this frame

Frame: https://3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF54E148FCD433DD3B1089AC2781E5B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC57817AC113CDEF08E2B2409B50D429
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BAFA4DFCB29FA155C28CF6B9178FC10
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: EB9DAB90D81D88ED98AC21B77606B48F
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: AF14B358C7D3376C6D4FE7A2111D6EF5
Requests: 20 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2762954008211025756&gdpr=0&gdpr_consent=
Frame ID: 75CB2C6C2058FB8DDDC857029238358C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=37f3182e36c7a31e16455edc85f8b3d6
Frame ID: D804DC981A615728C1749CF8F4888B20
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4419242845649292636937
Frame ID: A6AB59CA03A23EDBD624E5215936057C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz3gHIQp32YigVMzh7tU5Bop8qg6uMdMeDDi1xjt84cizPcF1RQ9QB5afI540qPtWfTdA99TXqJNzvwp9yVSvcmcE0VSqbOkOrctCLo61tb7FxuTV0L9z_L4wwNWyPQKRWEQbtCOvfy03JIDfmnu34oGFlR16B7UjLgk2BGzVwyXpbYsYO4SNde1KJM5gVeJjgW6q9CR_3rY2XbYPJqXHDhh4Krp4IDyEDEA8RigA3fDEB5QiWsNTy84l4sXLAHtSwuFn4HL0OTQlZbjBvmUyLqgferAUXYdzFZGEEEuIM7SVF9ufViFKMBm2G7FOB11-_PfSgQirkjo8J287ClLLPV0WQbj97zxGcP3NyC277ZyFqTl9qx3xZPRUg8zj0pvAVlA&sai=AMfl-YQ79J3Uo1bzvo4VJqbjzCFC2aGQBlF5GNOL9MMMJZOLW0E24m2MVlywRw_rpUZ4UyxZL8lnjk48oLZgq2aIWgypmy8gpEoL5662SpuoY0wFg7hfVvct7cTz0W6pCCx40YARmA26NLHUQp0SewyZQ3RYZlXLFBTssHghJD3gU3YP&sig=Cg0ArKJSzBHnzt2ce8HTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3A6DB183CC10A604BBC46AE7C290DF40
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVpwk26EBIWVOiwdHSUp6KjjBPwnnx2MiG6ap3uHaA-_DOAWXUWLjNBTn5DiLid0hEnCVd6H84xIdFs2Gq46KsT-R548g
Frame ID: B8AAA7013DC42719DC8F6572C993D986
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 357F7777AC19F9886FB610CB24074AB4
Requests: 15 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: 9C1DEA1B8135AB6D1028997D60A3CE8F
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT6Ao5g5DxdsdCj3cH0bj1waDeK-QWhOwVyxshIFWCgcC7D2MmFi71ZcZwpUXBWvFjiohA6M5VleoBj39S1FHhev9B-UKuZHPT_sn0xI7SQ83-YpbUsoMm8UBiTPQoaOdtidmFjTohmlgNG89AJjiX4j59AfkrfqKuPYKRaIctBQRyEuI8W0M2PNEAjFK_xTXlkqOVUEW0w3aYQeRcW2-PjQFlkOkvm1r7LIhRJxgUSAB5jpRsG0bfWmE9Z_qweoB3CU692OnD3lsTYPb1DGBhuF7vLGrw_H58mrBVliUJsCPJpUgy_9iFUBjwK0e96pl46zmfAKIq6bypqMPyaZUWwMttEqGj8XwnGff-vMoSUwUMMjjYzD-sfWxcOA3dBShZ9g&sai=AMfl-YS2Mxp1JAxNVXMvL3_3XKEjSZr8d9WM6j2_ei-m5Ayou-CCJQaa10KPR1-VOYtMjUz9n6hiGOEojBjruFJmTh4wly1K1H_LbqZr8J5dGGuhcoFTlftdAYFbMPR4afyzRi6ICa0s0GgNfLyVH9niOMbSwhOfeiYFdzwmvJVowXc&sig=Cg0ArKJSzOVvYaNlrur-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 172A35EA3EB19CFC048188C5341155E2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVoOdoJTlWZodT5_V2Nilumk7VjGwt5V8xIOE80X9-TiZo-tub6jMhBJFQ2fWY9j0ab94mYOFZzEO3OHkDGAPs1PGTaXw
Frame ID: A5E6603BAD9862A597ADDA925838AA8B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B560A9549621823DFAF85AC5D1306E06
Requests: 14 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.4.js
Frame ID: 2A7E86403A71F83895EF90029AD39816
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 166154B2ADBDF1DCDC1F2DBCDF51BC01
Requests: 12 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159234&siteId=703967&adId=2886235&imprId=7CECFE55-E1EA-4C8D-8C41-61519461B548&cksum=25D148AA8FF293B6&adType=10&adServerId=243&kefact=0.309737&kaxefact=0.309737&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1696430391&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.322721&dcId=3&tldId=0&passback=0&svr=BIDAMS0155&adsver=_2043887087&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=N3kdZbBCAQB6Gnjvd8BjqsvjcsFthBjANTolpd-1sstdbYBV&ekaxefact=N3kdZcBCAQAZ5n3Ld_27xHBHDY416Ere_JnOAnNUpLwuJ9Ui&ekpbmtpfact=N3kdZc5CAQDDyPvEVjf3cyicPqCAqrYRhNvFB5g47awit1Ne&enpp=N3kdZdxCAQCvfr0QpwRyuzm_RJjbbZnaHlHJI2pDxturONxd&pfi=1&domId=16921222812304876096&dc=AMS&pubBuyId=16886&crID=464111101&lpu=interdiscount.ch&ucrid=403696863063589945&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1683864&wDspId=80&wbId=0&wrId=3958685&wAdvID=100097&wDspCampId=19432207831&isRTB=1&rtbId=5AD60249-1CE3-41B6-BB2D-2F2DD694694CB&ver=10&dateHr=2023100414&usrgen=0&usryob=0&oid=7CECFE55-E1EA-4C8D-8C41-61519461B548&cntryId=45&domain=file.io&sec=1&pAuSt=2&wops=0&sURL=file.io&BrID=5
Frame ID: 45AD51627C135F63F5687DCD01A03820
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 90B28EED974C2297732660C73F079871
Requests: 4 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159234&siteId=703967&adId=2886235&imprId=F6DE616B-4B40-4228-891C-B12F34B32F03&cksum=91929411CD45D957&adType=10&adServerId=243&kefact=0.324174&kaxefact=0.324174&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1696430391&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.338060&dcId=3&tldId=0&passback=0&svr=BIDAMS0096&adsver=_2043887087&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=N3kdZVgQAgD1oKgaFNlYl5FXjO278iLFHDCz5hPiKOa7PltR&ekaxefact=N3kdZWkQAgDsbX0J1naWs1wndVByXSiYRt-bsk_9A8ZzeOv4&ekpbmtpfact=N3kdZXsQAgCThM8eC5Q49FjqsVPLThrM3MhyblJKgTWOD9NM&enpp=N3kdZYYQAgBeg203K2YJnVpU6vZleJwk-QROYbSuLPKqaqq9&pfi=1&domId=16921222812304876096&dc=AMS&pubBuyId=16886&crID=464111101&lpu=interdiscount.ch&ucrid=403696863063589945&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1683864&wDspId=80&wbId=3&wrId=3958685&wAdvID=100097&wDspCampId=19432207831&isRTB=1&rtbId=36489816-B44C-48EA-8661-646536659A15B&ver=10&dateHr=2023100414&usrgen=0&usryob=0&oid=F6DE616B-4B40-4228-891C-B12F34B32F03&cntryId=45&domain=file.io&sec=1&pAuSt=2&wops=0&sURL=file.io&BrID=5
Frame ID: 334B5C17CAB5079980F06BC77EE87F6C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 14FC4627391A4223AD440718DD44AB00
Requests: 3 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%222b83a9c0-2745-4918-acf4-937f68f021bd%22%2c%22adomain%22%3a%22microspot.ch%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%22503623041%22%2c%22dsp%22%3a%2276%22%2c%22buyer%22%3a%2262057%22%2c%22cid%22%3a%2220351945701%22%2c%22adid%22%3a%22503623041%22%2c%22hash%22%3a%227495224449846664028%22%7d
Frame ID: 283D4713DD13F041B09FD251013249E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNXZGdmWfw-UtC9X-GUCVVHkyZ8I-f6_ezDgbFGQtKH5cJom1gRIzQrHNk7tWMCoMf2otKFQLa7N_i-cLUH4X10XjLqshhsIchxgjN-bFzjb0cDvBwU
Frame ID: F82629A641A471CB7D1DEECA7AB020D9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7276051DE66F2F81C40AC9A51D17CE39
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B27A20EEB89C5C908F0B877BFC51F6CC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Frame ID: CB4B2E78CC9276AC1F4BA3CE085A1D2D
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Frame ID: 41A52A83E1D31F1EA081B012CF9B9830
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: E016E5E290BB4B41AB9F10E0337E1F83
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=844E5247-9E5D-4BC5-A15C-1075184A440C&redir=true&gdpr=0&gdpr_consent=
Frame ID: 08A461BD5417AD65724AD4E679E833CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7770374247560168041&gdpr=0&gdpr_consent=
Frame ID: 4543C32618B8460C6BF123E7295EF5CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg
Frame ID: 2FBC42DE8409713A826FFFEBB0EE70E6
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: FBF291FC9F0E19FF0080290D753C00BC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c478328da529e2ba086a7e1c54fc1&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: C08FE9FB41C1D1F9187A5A83959E61A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: C4B3D68DD1C1622E739F6F74FDD027AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=200&key=OPTOUT
Frame ID: 39DBFECD1055DA67452C5F46B5D609E9
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=3&key=GDPR
Frame ID: B09D8C362FB203DFBB3BE41DC5C7F4C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D1%26key%3D
Frame ID: D7B2F2E7A9F8D6101DCAA874D102A03F
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D18%26key%3D%24UID
Frame ID: 5ADDFFFACF4669A7B5F4B22880C8C8C7
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Frame ID: DEBE030FEB56726BAA58873495C88790
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: DF7B2F374F2B6D39EEF39254DB945837
Requests: 4 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D23%26key%3D
Frame ID: A213C2492F978863C477686938BECF2C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Frame ID: E4D04C42F4F6C02E86E9DF0789E567E8
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=279534&3pid=ua-35d8db48-ab35-3e70-a712-4c699231070f&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk2NDMwMzkyODg0LTk5NTkzMjY4OTM2OS0wMDE3NzktMDE1LTAwNzE0OCZiaWRkZXJuYW1lPTUyJmtleT11YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYyAgwgOAE=
Frame ID: 6C051646B0DD3B191B2C69C3F7E7EF42
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=55&key=7770374247560168041
Frame ID: 6F11D07733F2368E40A67E2BA0F5E69D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CCEF0C470404F2F071745E15969A377
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Frame ID: D3E0404D608948CBA57C2E2DA3F23D73
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU322PTV&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 86EC3BD30A814246BC8B1B28A22A8572
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Frame ID: AD8B8B0E5FC69B95E1135D59F98E034B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 4044C2B276F4E487E89CEABE6BE1C246
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 474CCF06C667671FF45C64A7DD6F35BE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B7B5D7399DC11A56D655C587843E9773
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Frame ID: 76F72839F1B58342378B46B93E217A35
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Frame ID: 398B6BC9D0AC590E0919E5881119E798
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F8E81B25479235322517B4D84C771E57
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 60079BCA27C6F564DEFD6B216C7FCEDB
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Frame ID: 31092C64249C3E663E2D34041199CDD3
Requests: 7 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/cookie_sync
Frame ID: 42F552FFF2E491A2A8004AD399271ADC
Requests: 12 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 502255C19D34CE171C53BF568BBB77BB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: B3E0E610ABBAC5400F605A220EF61E98
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Frame ID: 82B326E37B12DD502BEBDE3C46036DC7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: A63FBE234AB057F9CE1ED2E6D23F313B
Requests: 11 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 677893533BC2C40D31C09BE950FB6DB2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286113066477353110&gdpr=0&gdpr_consent=
Frame ID: 08B8E28670EDFF53EC918A3203859FD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 1E5B055658A9055F5F328C7B8CB59E4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent=
Frame ID: 9E0E3245A5534B13CBBB211C68B3FB0B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 16A88EEA360F777DB8F975DDCB419587
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 323F4B9EA459E3A802A8082FC00F266D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACQbU7KOvIAABkFBugagw&gdpr=0&gdpr_consent=
Frame ID: 083DDA3D7BA37DA9F756B035DCA57280
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=844E5247-9E5D-4BC5-A15C-1075184A440C
Frame ID: 8228EC911A6F2E02E14416E7DFB94067
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Frame ID: 03736B52320EDE775BF13FA8ECA69650
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Frame ID: FBA07A84EFCE79B5EB08D230572BBAD3
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Frame ID: 817F68911A52E1E9201AB24F2907026A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: 62BA69592C94B50B75B016766A96A85A
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
Frame ID: 3B37E7504BA1B31F9C7DF4E669FA2FDE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2F950B0F05EDD4488D33D981B0543142
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 8E2C441F4C25953F8035C44BEF5649BC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
Frame ID: 9EBCDDB58560F0FECFC22312F18ACB51
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
Frame ID: 28C5A546EBCAFCEFF451FC16D0C621E3
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 8B7D73B5E454D20BBE7ECA4D8D87F195
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 99F76ED390CC7BC59EA99F40FE9EF7BD
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 19417053EE6C7FC1CEEE320DBC7C2800
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 18936E0727AB747CAE16A721F71985CA
Requests: 1 HTTP requests in this frame

Frame: https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 36168F2FA1A10013B55769ED4D842185
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=
Frame ID: 85B9F4A7C9DCD4AA6A84B8E6427E0614
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXjWVVVjnWYUagU&gdpr=0&gdpr_consent=
Frame ID: 57C149F81E4716507A71037933E1AEFE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 08B5BFFBB117FF8DB5C3841D2F547227
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2640DB98C3844147BF9B3D3B71701BB7&gdpr=0&gdpr_consent=
Frame ID: B5B2B42F754A492F166C65F9FA64CD5D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8584673287
Frame ID: 4EC16E2C062A1253B784F513326725F6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
Frame ID: 8093C1220FFA4D377726D31B0097CACD
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5E76E80A64124A9CFAC85D3AEA3AC651
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4AFB253062B04A13980F92F260F6BECD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
Frame ID: F85E3064F8E657C807E2DD381BBFC29F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
Frame ID: 7A72B84C5C0C570320BE5263CD93B068
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 938CB2A359C43B9C13F05D22FC773866
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 299B30AA14621881F5A06CCE052A4C62
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E28380E35D18CFFDFBE1B8991D0FE03C
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 04079BE5D2B4C326610A34DBDD8B6963
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=844E5247-9E5D-4BC5-A15C-1075184A440C
Frame ID: D083AB74669EF2A89ECBC047475AC3A9
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=1&key=844E5247-9E5D-4BC5-A15C-1075184A440C
Frame ID: B34C44A3A3531C2A66285BDDEF28810A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deleted | file.io

Page URL History Show full URLs

  1. https://file.io/BiEhsiVZvPqt HTTP 302
    https://www.file.io/deleted Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

464
Requests

85 %
HTTPS

27 %
IPv6

106
Domains

172
Subdomains

113
IPs

13
Countries

4332 kB
Transfer

15778 kB
Size

178
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file.io/BiEhsiVZvPqt HTTP 302
    https://www.file.io/deleted Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
Request Chain 104
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4675a75b-4262-489b-9956-4e00d71e4528
Request Chain 106
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1696430391776 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7233123317 HTTP 302
  • https://sync.1rx.io/usersync/turn/3736268900511119604?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-a5bc009a-264f-4517-8f25-feca7a950cd5-003 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003
Request Chain 108
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2762954008211025756&gdpr=0&gdpr_consent=
Request Chain 109
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D&gdpr=0 HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=37f3182e36c7a31e16455edc85f8b3d6
Request Chain 110
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4419242845649292636937
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJ4IFlYRAUHYDberY0bYrsA&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJ4IFlYRAUHYDberY0bYrsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=acaa4a2dd248a4f1d618b926cb5d9c51&uid=acaa4a2dd248a4f1d618b926cb5d9c51&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 142
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0&khaos=LNBUUS3F-L-G04A HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LNBUUS3F-L-G04A&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJ4IFlYRAUHYDberY0bYrsA&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJ4IFlYRAUHYDberY0bYrsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=acaa4a2dd248a4f1d618b926cb5d9c51&uid=acaa4a2dd248a4f1d618b926cb5d9c51&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 155
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/0aDDizipwqIvzRXYojVL6A?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OmGQusdE2oJOVWBMEJv8EUo3rfITzy.u4wwdxw--~A
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHu9k60QPWX_NXGjTKuDuf4&google_cver=1
Request Chain 158
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNBUUS3F-L-G04A&gdpr=0
Request Chain 159
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5CVVVTM0YtTC1HMDRB&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOd8z-B6LNG13i0ytoRwu0k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5CVVVTM0YtTC1HMDRB&google_push=&gdpr=0
Request Chain 160
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_UMwQjDBRxiHbo_YwLO48w&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_UMwQjDBRxiHbo_YwLO48w&gdpr=0
Request Chain 161
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y5Hmv_ICSSOBaga9ra6-sA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y5Hmv_ICSSOBaga9ra6-sA&gdpr=0
Request Chain 162
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWEyMTJiZmMyYzQ3YzBlNGQ0Y2NiMDZmNTk2MmY5NDhjYmYzMGJlZg&gdpr=0
Request Chain 163
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACQbU7KOvIAABkFBugagw&expires=30&gdpr=0
Request Chain 164
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNBUUS3F-L-G04A&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNBUUS3F-L-G04A&redir=true&gdpr=0&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNBUUS3F-L-G04A&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WU5GVHNGRTJ1RUVXUDVqNl9FVXR0MVpaajFEXzBoY35B&gdpr=0&ovsid=LNBUUS3F-L-G04A&dpid=58160
Request Chain 165
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNBUUS3F-L-G04A&gdpr=0
Request Chain 166
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNBUUS3F-L-G04A&gdpr=0
Request Chain 173
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNBUUS3F-L-G04A&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNBUUS3F-L-G04A&gdpr=0
Request Chain 174
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a5d22f64-9edc-41be-a923-f3b46ae971b3&expires=30&gdpr=0
Request Chain 175
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=6c2f42a1-1374-41df-9180-a1c84fec9c21&gdpr=0
Request Chain 176
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEN2YaOO-hUq90ql2eL64sOI&gdpr=0&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEN2YaOO-hUq90ql2eL64sOI&gdpr=0&google_cver=1&ang_testid=1
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEH3P9DDxkVwS-Pq0B2aa8Tg&google_cver=1&gdpr=0
Request Chain 226
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 228
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7770374247560168041&gdpr=0&gdpr_consent=
Request Chain 229
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODQ0RTUyNDctOUU1RC00QkM1LUExNUMtMTA3NTE4NEE0NDBD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPQ-Ka-DlLLLPhL5ATQo0-0&google_cver=1
Request Chain 233
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=227586578612158718
Request Chain 235
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=844E5247-9E5D-4BC5-A15C-1075184A440C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y_eO6rpE2uU8BbsrCgxWJl7wGAh3aSY-~A&gdpr=0
Request Chain 239
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c478328da529e2ba086a7e1c54fc1&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 241
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=200&key=OPTOUT
Request Chain 242
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1696430392884-995932689369-001779-015-007148&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D3%26key%3D%5BUSER_ID%5D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=3&key=GDPR
Request Chain 246
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 248
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Request Chain 249
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-35d8db48-ab35-3e70-a712-4c699231070f&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk2NDMwMzkyODg0LTk5NTkzMjY4OTM2OS0wMDE3NzktMDE1LTAwNzE0OCZiaWRkZXJuYW1lPTUyJmtleT11YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYyAgwgOAE=
Request Chain 250
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=55&key=7770374247560168041
Request Chain 285
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&gdpr_consent=undefined&gdpr=0&khaos=LNBUUS3F-L-G04A HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LNBUUS3F-L-G04A&gdpr=0&gdpr_consent=undefined
Request Chain 325
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2762954008211025756&gdpr=0&gdpr_consent=
Request Chain 326
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZR15OgAVNRlgagAN HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZR15OgAVNRlgagAN&gdpr=0&gdpr_consent=&_test=ZR15OgAVNRlgagAN
Request Chain 327
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Ym04ZGpjdlhBZnNReHEzMk5rLS1sRjdYdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGJtOGRqY3ZYQWZzUXhxMzJOay0tbEY3WHciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGJtOGRqY3ZYQWZzUXhxMzJOay0tbEY3WHciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGJtOGRqY3ZYQWZzUXhxMzJOay0tbEY3WHciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=227586578612158718&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGJtOGRqY3ZYQWZzUXhxMzJOay0tbEY3WHciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=bm8djcvXAfsQxq32Nk--lF7Xw&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=2762954008211025756&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 328
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=148634829be78ea9fba0be8b52b4aec3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7286683455218905426&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACQbU7KOvIAABkFBugagw&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/148634829be78ea9fba0be8b52b4aec3?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-w4mtySxE2oOaawh4c1MWKHqEgtFPQKjGTMqOkwdV~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Request Chain 351
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5108559730125016522
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=4675a75b-4262-489b-9956-4e00d71e4528&google_hm=NDY3NWE3NWItNDI2Mi00ODliLTk5NTYtNGUwMGQ3MWU0NTI4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBAkxFA4qEpg03bGRfTnWDo&google_cver=1&ssp=sonobi&bsw_param=4675a75b-4262-489b-9956-4e00d71e4528 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=&gdpr_consent=&us_privacy=
Request Chain 354
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNBUUS3F-L-G04A&gdpr=0
Request Chain 356
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=b8Gt1GkdkdSRthLH0q5C&pi=sonobi&tc=1
Request Chain 357
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=676b3b9a-287d-4a47-b04b-9602ef896cfe&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OVR1OXpJNHp4UTgyVU50S0ppZ194QQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEdbwo5GWssQpifOwc-Rub8&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=aqOaU9LBSw9J
Request Chain 358
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d5cd2d15-0a4c-4481-a3ab-bf8382769834
Request Chain 360
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 373
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
Request Chain 376
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
Request Chain 377
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTQ4NjM0ODI5YmU3OGVhOWZiYTBiZThiNTJiNGFlYzM=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIMjqKeLm_HNEHchtldSvXM&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 379
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=368da48d5c701941&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAIICO91l2DowNf_ivNAAAAAAA&expiration=1696516794
Request Chain 380
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
Request Chain 383
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
Request Chain 385
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
Request Chain 388
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286113066477353110&gdpr=0&gdpr_consent=
Request Chain 389
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5ae7f1d1-987f-4831-af60-32b85110345f&expires=1&user_group=2&ssp=pubmatic&bsw_param=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 390
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent=
Request Chain 392
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 393
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDUWJVN0tPdklBQUJrRkJ1Z2Fndw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACQbU7KOvIAABkFBugagw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACQbU7KOvIAABkFBugagw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACQbU7KOvIAABkFBugagw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2762954008211025756&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACQbU7KOvIAABkFBugagw&gdpr=0&gdpr_consent=
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hE5SR55dS8WhXBB1GEpEDA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 396
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=&ct=y
Request Chain 397
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2889393243
Request Chain 398
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=844E5247-9E5D-4BC5-A15C-1075184A440C HTTP 302
  • https://a.audrte.com/p
Request Chain 400
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7295c288-d3d4-4622-8123-8de69b5313e4-651d793b-4348&gdpr=0&gdpr_consent=
Request Chain 401
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d02f2e232dc17f7&is_secure=true&networkId=17100&version=1&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52X2ebBtgMMg344AAAAAAA&expiration=1696516795&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 402
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3736268900511119604&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 403
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Request Chain 406
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=pbs-ozone&ox_sc=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=615b4c19-fb97-4387-adff-7a3c10f94177
Request Chain 408
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=e1db7e18-621d-4993-944f-36112bb1169c
Request Chain 410
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?uid=AACQbU7KOvIAABkFBugagw&bidder=beeswax
Request Chain 411
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
Request Chain 416
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
Request Chain 419
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
Request Chain 420
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
Request Chain 423
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 438
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=902c4555ce4360a6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRaXjWVVVjnWYUagU%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=ec81b78f27a1fcadf328b5aa52c6240a&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRaXjWVVVjnWYUagU%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXjWVVVjnWYUagU&gdpr=0&gdpr_consent=
Request Chain 440
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2640DB98C3844147BF9B3D3B71701BB7&gdpr=0&gdpr_consent=
Request Chain 441
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8584673287
Request Chain 443
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=844E5247-9E5D-4BC5-A15C-1075184A440C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=844E5247-9E5D-4BC5-A15C-1075184A440C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 444
  • https://pixel.onaudience.com/?partner=214&mapped=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=7453aedcc22fac7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=81fdaa4d-3c18-4e5f-4235-33814070e891&reqId=340ddec7-793f-43fa-7181-329988ba886a&zcluid=7453aedcc22fac7c&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHfRl6wahJill44kdYav0lQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=81fdaa4d-3c18-4e5f-4235-33814070e891&reqId=340ddec7-793f-43fa-7181-329988ba886a&zcluid=7453aedcc22fac7c&zdid=1332
Request Chain 445
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7770374247560168041
Request Chain 451
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
Request Chain 455
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
Request Chain 456
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881

464 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request deleted
www.file.io/
Redirect Chain
  • https://file.io/BiEhsiVZvPqt
  • https://www.file.io/deleted
500 KB
134 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33f65f1245679f52f9f196177f5c7708d897d43d47d9206de6d7583817c947c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
34043
cache-control
public, max-age=0, s-maxage=86400
content-encoding
gzip
content-type
text/html
date
Wed, 04 Oct 2023 05:12:27 GMT
etag
W/"8383c64345756119de2856d82db9bbef"
last-modified
Mon, 26 Jun 2023 16:00:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-cf-id
3i0anUbYhLU7JaaJcDUWh9C1f8c1kgrC8g38lnjcfQm8evhqHU3yIw==
x-amz-cf-pop
FRA2-C1
x-amz-id-2
l9ioSqH7W0WwQ0GGgD5+qYVudBrRAEO3q/SzIA4q5UD55jt0f5o443rlNi4JztXe3EevN8WdXRk=
x-amz-request-id
WWV90PC9R59874FS
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

access-control-allow-headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
access-control-allow-methods
GET,HEAD,POST,PUT,PATCH,DELETE
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
content-length
98
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:49 GMT
location
https://www.file.io/deleted
retry-after
60
vary
Accept
x-ratelimit-limit
1
x-ratelimit-remaining
9
x-ratelimit-reset
2023-10-04T14:40:49.237Z
ad-manager.min.js
hb.vntsm.com/v3/live/ 		994 KB
288 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
fd5b5d07b7a368f048906fa6ab245acc65b8de9ec709f8cf930b04a79db55e4a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:48 GMT
Content-Encoding
gzip
Venatus-CDN-HB-Rule-Version
1.1
x-amz-server-side-encryption
AES256
X-IP
195.206.105.132
Connection
keep-alive
Content-Length
294361
Last-Modified
Tue, 03 Oct 2023 11:35:45 GMT
ETag
"01bd27685f22dabcf1dfc0fd2a338a5f"
X-HW
1696430389.cds324.fr8.hn,1696430388.cds131.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control
max-age=505
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo
CH
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07b8fc424a30155823507014515f450aed1c9c6a84cdb234cb1d066a79cdd68b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86477
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 14:39:49 GMT
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

Referer
https://www.file.io/deleted
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 01:32:15 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
05FMZDDFMY66Z00Z
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6872855
x-cache
Hit from cloudfront
content-length
324864
x-amz-id-2
tFoH6XhiMPtGo+oTOmZbR0FLR76o/r491RBVasEURutQ8lZyJRUjKK28+h4dH1JT9DWZN2As9LM=
last-modified
Mon, 26 Jun 2023 16:00:05 GMT
server
AmazonS3
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_A37wnM_uSX4F5qWDDbyECuaR8LsOI2HVi3DvswEKbMahe0WhpJ64g==
app-ce1c3df6a1080a0c9f36.js
www.file.io/ 		759 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:29:24 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
8W35MNKEABYJQGTG
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
7049426
x-cache
Hit from cloudfront
x-amz-id-2
HVJa05IZTTnunsrcW+oyGQ7C0Nd0F2DhFUxB54GP4fZ2gijgjNNlilUe0ZjwBNgXryVKZ/vTtr7xtEQYuzoXRQGWiYFXDwSgp0JaCjwG+jA=
last-modified
Mon, 26 Jun 2023 15:59:57 GMT
server
AmazonS3
etag
W/"ee554025a765570fd938eaf7853e81ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
9mJAI4SOgrTBJ-Ff-iIO_LWi5tqAO5ipNo0u4oMzpDqWAX-ni4_t8w==
0eceb729-3d23d92b83ca9772b679.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-3d23d92b83ca9772b679.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:20:19 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
SH1TBXRK8Y5XS76F
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6038371
x-cache
Hit from cloudfront
x-amz-id-2
t9ENAOEps2T7FokmLAI2h95lpusIxd6POz8Vo3TSeYjQDdesBaa9COOcnnOji4RDEp+rPCRI3WM=
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
etag
W/"0a3f35f6211feffe573a08f983c2a35a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
X4G_N7etbY3vicRK0giYAOdZ9bHEPMmPW7HoKCrKYTMkiOGsej4Krg==
d6a9949e-c7fb26743b3df7c3d4f3.js
www.file.io/ 		48 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-c7fb26743b3df7c3d4f3.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 00:26:59 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
84E6QRNZ4P5S8D0B
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
7135971
x-cache
Hit from cloudfront
x-amz-id-2
VzcgygJ63b7aZRKZOdZyAHEgM06SF/oIIUKEXzhz7475sFtClNZ8gQqvJmuE+TTs2Ow7g5oZA1A=
last-modified
Mon, 26 Jun 2023 16:00:00 GMT
server
AmazonS3
etag
W/"8be798e491d64c90fb2668c241136d27"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
y5zc212viEWs-VS4KaLeAl2WcoB2jXMJG5D0kIdJcOXRzf6NLnFcHg==
e82996df-418a0be62c8cbbb8c8af.js
www.file.io/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-418a0be62c8cbbb8c8af.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:15:57 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
8NHGJ41T8HEV1BBT
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6092633
x-cache
Hit from cloudfront
x-amz-id-2
x6GmmUrW45+fx/IXEmRdPNNdkVX1GPL3mbs9rdtUmi47h3gbTKYOB9G8qPBGVBMHwXLCfAmBFKM=
last-modified
Mon, 26 Jun 2023 16:00:01 GMT
server
AmazonS3
etag
W/"41f1589b5b330e89885e93dcec06328c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
qx3d3rysMYoy2DYEfXzo6-1awpBLfIvDyIm6L348KBywSwUc_APkQQ==
framework-2e81d87b28ccd7c06c04.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-2e81d87b28ccd7c06c04.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 00:50:25 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
ZMT6MSSMPW7K5YWK
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6356965
x-cache
Hit from cloudfront
x-amz-id-2
P8DHYZHKSMjCAIN8AqgtUJyKOAxkIh37LxiLYchviaAQQ69Kqwb0TNq6mCCceFBKIj25pCBLhoYn7chIK5Twh5inBbSRWODnnkUJ1Ib11T8=
last-modified
Mon, 26 Jun 2023 16:00:01 GMT
server
AmazonS3
etag
W/"d57e42a527da656114d580605cefa13e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
3jUysrqARjYJUu1qseYYTfp4_pZ1z0FULZ0VHkvbFxq_0oxxqmLfLA==
webpack-runtime-00496db0502e55758e64.js
www.file.io/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
227dfc9c1b39fbd23f9ba7c16aca7bdbdb64049217e7fb76e2aaff41958f0efb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 22:08:39 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
CMZ2KED403RTZVFH
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
750670
x-cache
Hit from cloudfront
x-amz-id-2
BafwTv2wO/tcplVQdh+Tox6dzLm9zs+YLwxHC3XrEXbG4i93sfl8xFAKKzJS1kBOOBpXaWdrTFo=
last-modified
Mon, 26 Jun 2023 16:00:06 GMT
server
AmazonS3
etag
W/"7e7cd760231abe0c7d749dbe484730ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XOpHpayniLBlu3qCC58lwI2Ns9kGdoGFFlyma1i1SZ-DormsubwQYQ==
js
www.googletagmanager.com/gtag/ 		182 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65658019-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f3eb3b313bde55721c42f8e43e5c01476136dbe781d6f673fdaf828811451cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 14:39:49 GMT
app-data.json
www.file.io/page-data/ 		50 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
726bc88a18b1b1c7907ccf8fd3e312bd4bd7872d549ee68bd4bbc9f1307f33c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 01:13:49 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
FFY5SWGS08VYZNEF
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
48361
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
0VT4qKUrsAbqGYibEhJUFxi7TWsvLMDpRyzMc0bLM9iaJ7WTpzKOgcW3q2Sk/n6jml4R/JTq4FJQlPYpn+xACQatxEv4Sobn9o2bxXXye98=
last-modified
Mon, 26 Jun 2023 16:00:02 GMT
server
AmazonS3
etag
"35cb6cea66440d75f865d872ce0f123d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
Fj0iKi0GaWf24SH80moGmmYDhGmZwsbaAdRNr_N33AhCkiuLW1mReA==
page-data.json
www.file.io/page-data/deleted/ 		152 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/deleted/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:34:31 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
DH8VVC9TSQC1A51T
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
29119
x-cache
Hit from cloudfront
content-length
152
x-amz-id-2
5v9bH7vHE7sTqLKyimz3XOML0AwzlPs06hcaMrx5t/3uyuk0rsKyk9fmfeQE0D+GUlzmhtNcSU7dILiTU7cPwg==
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"728a4f433ef9bed1433eaa226cad06d0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
qCiVlYU3Mpr7eT6sLtOfYU2OSI0qDpKrl542C-0nd2p1-pxtVW0BOw==
content.html
hb.vntsm.io/ 		32 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:49 GMT
cf-cache-status
HIT
x-amz-request-id
SQ3ERJ7JTQE6TAD2
age
6657
content-length
32
x-amz-id-2
AjgekodoibLi+PEY+Y9epPcj1CDpaolNH8k3XiyA3Mj6XDSabf6oXEk8nnp1eUPEaSeZotabSa0=
geo
CH
geo-subdivision
CH-ZH
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
810e2d3088cf9241-FRA
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 05CD 		967 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
420
Content-Type
text/html
Date
Wed, 04 Oct 2023 14:39:49 GMT
ETag
"d80b9831e6e7896aa97e84d70f49e545"
Last-Modified
Sun, 10 Sep 2023 14:04:21 GMT
Venatus-CDN-HB-Rule-Version
1.1
X-Geo
CH
X-HW
1696430389.cds324.fr8.hn,1696430389.cds322.fr8.c
X-IP
195.206.105.132
x-amz-server-side-encryption
AES256
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ 		37 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
3f2050cff45669548a88b99f5fe7144f2177c12e157f0cb6f931a3b4040236fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:49 GMT
Content-Encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
cdn-cachedat
10/03/2023 11:37:59
cdn-pullzone
131999
Connection
keep-alive
Last-Modified
Wed, 27 Sep 2023 08:44:40 GMT
Server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
ETag
W/"45d8cdfad2bdcfd3478bcc86b9245407"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Access-Control-Allow-Credentials
true
x-bl
0, 0
Cache-Control
public, max-age=86400
cdn-requestid
2fc2ab784acf4332a36864a545d4128f
X-HW
1696430389.cds126.fr8.hn,1696430389.cds126.fr8.sl
cdn-requestcountrycode
DE
Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
c16184b3-95b4c1d4f88fa26cbedb.js
www.file.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/c16184b3-95b4c1d4f88fa26cbedb.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17712c90e8473e3a5c2f70a4399e79ba0687d7be77d3aa642870f27a1c13da94

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 00:50:08 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
M8PCXRK8XXRCAM73
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6702581
x-cache
Hit from cloudfront
x-amz-id-2
cFgmwZjgqGPA/BOMIsTKkTxNwU1z6UIc22P/RDFgPUCiC+Da0Rr8jWHzz+pOcv49MscQdvK9A0k=
last-modified
Mon, 26 Jun 2023 15:59:57 GMT
server
AmazonS3
etag
W/"99a1550c7fd59aef33e8474b7e4d41c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XuEeS8rn4wj2EKxhIb_jAwJnLbiBbTzYDbMFUAfJo5EZnG0fPlgdHQ==
2cca2479-b6c05be52437560faaee.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/2cca2479-b6c05be52437560faaee.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3148b503996601811f2abcc09d7309d321d02d144c93243b4b914c00b36d87d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 00:17:31 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
V25DEYGEY9THNCGE
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
656539
x-cache
Hit from cloudfront
x-amz-id-2
NdAraGQ8RoS5vl3Tx5kGwYCEDe20ldrWOnYdH1nLKuZCWVeHNKtgrh5QlMcXi+vSndNapVKjQN2knAkQPX4OygHuv5nJNopqgNw+xlUmqJ4=
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
etag
W/"6cd7fa0413645d437f12b65c8ca4d4bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
aCLiJ0OxE2hnbkpcFKuNJ93qb8blmeT13quCFob8auZjxlP5q3sICg==
7ae2231b1295f47744064cafef681eeeabdf28c4-015e1d1647a984681642.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/7ae2231b1295f47744064cafef681eeeabdf28c4-015e1d1647a984681642.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9d0a668bbfb705e317d51bfaabf290c28cca253877bc8ca0885af764860c945

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:15:58 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
2JY1PFFCQ2Q117K3
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6092631
x-cache
Hit from cloudfront
x-amz-id-2
JpSkRQdthVzT4K+vaSMae9mkqzPM7v7uRYt+PXWG9Koxq63uCvVR9WIHK1bvSU3PxRdgAFL8g60=
last-modified
Mon, 26 Jun 2023 15:59:54 GMT
server
AmazonS3
etag
W/"1d960a13eec23d962cec4d1fb874ad24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
xhvw2Um5Uh5JfdmUx6bkOuQbj3m6nPoTzOoKvN0hGhEDtQvBkN5tRQ==
d586fea45c8a80d9eaecf1d04f964b1ca23e203e-2e7296bc1aadb7b4e547.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d586fea45c8a80d9eaecf1d04f964b1ca23e203e-2e7296bc1aadb7b4e547.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc77dc77f2acb1d2781f3d6a45131816596a2f47f90eb52bbbda7ff6dc22697a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:15:58 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
2JY0FQ6S8QPZNE04
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6092632
x-cache
Hit from cloudfront
x-amz-id-2
rR0ALH1wLqHqPTl3otvYR0wnSb2oYORLKDKgiEBC+uGVj21c/nBR07BDLL3C4aGO7+hkr3RNa75szk8Xu1lD/A==
last-modified
Mon, 26 Jun 2023 16:00:00 GMT
server
AmazonS3
etag
W/"22cfddc9a580e0d98dc0542be850ee73"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
xMgv7IgjTKNgZGTP-A7KfPspOM-cJzr7MB9Zy9-97SNdrFnqKg6Zbw==
71836864b7a2066d7d874ab5eea3f7769b0144c3-ebc51d1e381ba863cf3d.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/71836864b7a2066d7d874ab5eea3f7769b0144c3-ebc51d1e381ba863cf3d.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9aff67207c751e2410d82062275cbbce494d88e6a054b36eeb65fea942b92244

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 23:15:19 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
NN6ZTJ18V3J2XGEM
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
1178671
x-cache
Hit from cloudfront
x-amz-id-2
OZFotj/ngBAdbRqArcA4yaEP0OdleLKDYm/E44DjKj3HNyKxpraeVk+rD8bibjAtQcSOih6XH6M=
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
etag
W/"fd22536429ef564a589e257edba4bb43"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
7kOED6Y280oZ-NG3dTf3jHrOxn8EuFMb3ZBoTVxsPz_pYXiltlM1Ig==
ed516ccec82792e61eba5551e335b957b2d7d02c-a82720e411859fecd019.js
www.file.io/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-a82720e411859fecd019.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41cee572622e55c51a0229bd489312e2b9bcc0ac84d8001f4527d2cfc9700fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 23:26:05 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
QBEQZ74BQDYTGFHA
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
1782825
x-cache
Hit from cloudfront
x-amz-id-2
zWFeua+Rp0AmuFg5YrPQiJUGYFbQAH2RrXWopampjCE/baoV036XIRUcj8wwsLRUFEKYLvciV7y+WACHrYgZEA==
last-modified
Mon, 26 Jun 2023 16:00:01 GMT
server
AmazonS3
etag
W/"96772a03733ad2ba49633ced27df9c55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
j5QLtGMMIeX60Are2WZKGeJFXYO-QzFYnCSOjIXeJcMa_llCFRqsKg==
component---src-pages-deleted-js-aab016514d6ea62d45bc.js
www.file.io/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-deleted-js-aab016514d6ea62d45bc.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-00496db0502e55758e64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8d809e270139dfe43d1bee53acd3bb175dc134e438a4a639f0e2d611fa78432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 04:00:19 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
SGEHXWXC7CMNP5D8
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
7036771
x-cache
Hit from cloudfront
x-amz-id-2
12mpVTAi+qMi+q3ekQb2T5aWIkaPJ0nP71PxrB9vXTfxAKwSMV8lpupbPYEVBXc5c04M7sYCr1E=
last-modified
Mon, 26 Jun 2023 15:59:58 GMT
server
AmazonS3
etag
W/"ddb15483161fe08bf54e82af248d5433"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
AB8e2H99Pz6ieaqtcKVrkgVndkvvr-O8su_3eJl9HOFP014iVOo8kw==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 03:39:16 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
5PE7VSGNZ62NYPAP
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
39634
x-cache
Hit from cloudfront
content-length
447
x-amz-id-2
R346tPDQhfLT55uv/kp0k/udq0sVrNr5Djp8dTDonYnci0iie0XfK9pDxKPxY2mCjD3mFEg8dkk=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"c839c57483bd5d788408e7fc88e7cc8d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
38LNZNKIIh42JuH3IpCQazXkxmJlZI4C90XAUTD9_LUrYecr54Yleg==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 02:21:27 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
JVRJ8PJKB5FVQBB9
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
44302
x-cache
Hit from cloudfront
x-amz-id-2
v5YBl2vtWcXaUIDv2WRmBfE7lTlVNYLKDmqKTNel/TNe7t2/fa+hpCE8q5JfkNVKGsz5K7cPibAwlz+5EMxB2h3V2oH/2JWd
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
4mCtGUDRHWxotp1OzZP336UrGvGQ05I-04kcp8zguuolS8nR5nrh-w==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65658019-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 13:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3006
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 04 Oct 2023 15:49:43 GMT
px.gif
ad-delivery.net/ 		43 B
955 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
603792
x-guploader-uploadid
ADPycdtnhTwvRwGtGVML3wuenGrjXOy9i4dsDVEI_viVMUVgGJBcBQHwkt2zqd57q7qIWdxB_Gj6s2N07Lz2rA756DuSZZspRAdn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E0YSaJO%2Bwf2g%2FvtNo%2FEFB%2BzlBAOtyztbcQcD3mIDjiRwjVBbDDOhnZWf%2BBUiSBtY%2BaV34kga%2BH5Ztgtvyc%2Fdw74PLkyuKWTbKmcNcUsQQ8S%2F5ySB4r9R23bjm7XMtO%2FXe2kFEZoBV%2FYc8qYUw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
810e2d321cd58ff2-FRA
expires
Wed, 27 Sep 2023 15:18:56 GMT
collect
region1.analytics.google.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJB5247JB&gtm=45je3a20&_p=1394946623&_gaz=1&cid=414785464.1696430390&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fdeleted%2F&sid=1696430390&sct=1&seg=0&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&dt=Deleted%20%7C%20file.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJB5247JB&cid=414785464.1696430390&gtm=45je3a20&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDJB5247JB&cid=414785464.1696430390&gtm=45je3a20&aip=1&z=1434799676
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1394946623&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1425738565&gjid=624877476&cid=414785464.1696430390&tid=UA-65658019-1&_gid=731026119.1696430390&_r=1&gtm=457e3a20&jsscut=1&z=1596885488
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1394946623&t=pageview&_s=2&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&dp=%2Fdeleted%2F&ul=en-us&de=UTF-8&dt=Deleted%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=414785464.1696430390&tid=UA-65658019-1&_gid=731026119.1696430390&gtm=457e3a20&jsscut=1&z=917889101
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 11:31:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11288
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-65658019-1&cid=414785464.1696430390&jid=1425738565&gjid=624877476&_gid=731026119.1696430390&_u=YADAAUAAAAAAACAAI~&z=1243505783
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 04 Oct 2023 14:39:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e45b98c9adfa705e68cb9500bc3af7f900882e753fde19705f7afc3d738fb18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29388
x-xss-protection
0
server
cafe
etag
72 / 19634 / m202309280101 / config-hash: 15172790911108097760
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:50 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:55:28 GMT
content-encoding
gzip
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2663
x-amz-server-side-encryption
AES256
etag
W/"1e9fb8c04a3987274adf2a65103a9f65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
XVbGtBvOc9Ev2T8xzmavjIexwLvDAVlwuhnaujkO7NV-moib_6vbwQ==
choice.js
cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/file.io/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/file.io/choice.js?tag_version=V2?timestamp=1696430390252
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29905a44e368760ee8deaccdd34a956b1d66e1fe4b798c602901080d7b3c5bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 23:43:41 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
18
x-amz-server-side-encryption
AES256
etag
W/"917541e96c23e303fa97e4156139d61e"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
hDdWXhtgcm_WWnoBzf5g1g_F2tjvEIcAtWC1X1tD3qt0INJ2jBFZFw==
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/ 		537 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-30.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
1f61edf1b3d673b7159e25bc6bea22a83b1194c6e0bd335499d4f0afc7c1d5b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:46:29 GMT
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
3201
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
8Kop9tS3E_KCvbAQYTb5P6Z40dXBrt6MHP_UZWwczxgp5wFFdvyg3w==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.file.io&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:49 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
lV0Anh5GKr6sRToEl1uMNixKRRYNh-aZ6v8syvLxFZq3qTMYJxTrvg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:39:36 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
28815
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
HXnQkkj_6wI3oOlKLLRpa8IZfKxpC_cyUCnQypo5uDKPExYAYeQdhQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		413 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
8342
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 03 Oct 2024 12:20:48 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/file.io/choice.js?tag_version=V2?timestamp=1696430390252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 11 Oct 2023 14:39:50 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		160 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=file.io
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/file.io/choice.js?tag_version=V2?timestamp=1696430390252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77bcb4c37f64db9971f05424bd125a9d48fa46729effa3c90cfa90bd6d705bd2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:42:03 GMT
content-encoding
br
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
3468
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Thu, 28 Sep 2023 19:02:47 GMT
server
AmazonS3
etag
W/"04d1a85b65b7e4c29bbd9bf3487f3854"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
JUHPKKUBDC5H3VzMrkc9txI0xuPvI0OMUHFbPcvsUbjAOwseTnVA9Q==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 04 Oct 2023 14:54:50 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&ref=&_it=amazon&partner_id=288
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
3253
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
810e2d350bfb3809-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		135 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6318c2a67407cf6bfe6d6f8c54ef7810f10269b3da9aeab21fcddca6f9c69c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 13:25:57 GMT
server
cloudflare
x-amz-request-id
Q3ADP1GTN46XZTP7
age
3339
etag
W/"e2d064674840c0ce74455133749a58da"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
810e2d352f679b28-FRA
x-amz-id-2
AMz3i62olUlLcWIBBp1xsuvoV2QcVl2BXSjfG69xaVWIasPCm46GuTs7pj4xS/RJqQnEjNNDHeI=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Wed, 04 Oct 2023 14:54:50 GMT
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:50:53 GMT
content-encoding
gzip
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2938
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
dzvdfn0c_ZSnxWl7wxJ8S9Lom6Vz6BBS7f4C4idJCr916dJAVUIy_g==
hadron.json
id.hadron.ad.gt/v1/ 		92 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.file.io&url=https://www.file.io/deleted/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce608fb0a054d1044062f85e171dbc208afb3967ed0080041f15416a11726273

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
810e2d36af6f1e58-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.file.io&url=https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
810e2d35de8b1e58-FRA
content-length
0
content-type
application/json
date
Wed, 04 Oct 2023 14:39:50 GMT
debug
OPTIONS block
expires
Thu, 03 Oct 2024 14:39:50 GMT
server
cloudflare
script.js
cadmus.script.ac/d1oykxszdrgjgl/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9450c099d51617e0891ffa1d3613f809614b741e6d17fb5c2cafd910d07408b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Oct 2023 10:41:51 GMT
server
cloudflare
age
0
etag
W/"bfb096d04722145b96d6d99f4aeb50656001c4e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
810e2d35efb122ab-CDG
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Wed, 04 Oct 2023 14:54:50 GMT
pixel;r=1040093697;source=choice;labels=All.Title.Deleted%2CAll.Type.website%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1040093697;source=choice;labels=All.Title.Deleted%2CAll.Type.website%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%20share%20the%20links%20via%20email%20%20SMS%20%20Slack%20%20Discord%20%20etc%20%20Easy-to-use%20REST%20API%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%20share%20the%20links%20via%20email%20%20SMS%20%20Slack%20%20Discord%20%20etc%20%20Easy-to-use%20REST%20API%2CAll.Url.https%3A%2F%2Fwww%20file%20io%2F%2Fdeleted%2F;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F;uht=2;fpan=1;fpa=P0-1805948172-1696430390536;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;us_privacy=1---;ref=;d=file.io;dst=1;et=1696430390666;tzo=-120;ogl=url.https%3A%2F%2Fwww%252Efile%252Eio%2F%2Fdeleted%2F%2Ctitle.Deleted%2Cdescription.Sharing%20files%20with%20file%252Eio%20is%20convenient%252C%20anonymous%20and%20secure%252E%20Just%20upload%20file%2Cimage.https%3A%2F%2Fwww%252Efile%252Eio%2Fimages%2Fog-img%252Epng%2Ctype.website;ses=733cb439-2d69-4c79-a3b2-fddd45ec64f2;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Wed, 04 Oct 2023 15:09:50 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 04 Oct 2023 14:39:50 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Wed, 04 Oct 2023 14:54:50 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		159 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&pid=7Wg0delzsqYVU&cb=0&ws=1600x1200&v=23.919.1525&t=3500&slots=%5B%7B%22sd%22%3A%22637370d898fb531abee85aab-1100%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_637370d898fb531abee85aab%22%7D%2C%7B%22sd%22%3A%22637370bb889c301e8e7ad53d-1101%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_637370bb889c301e8e7ad53d%22%7D%5D&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A5100%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2272fd7ce3-ac7c-43de-a5be-8dd2dede3a7d%22%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.93.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-93-173.prg50.r.cloudfront.net
Software
Server /
Resource Hash
8639ce828f1cb05ad3ff2981fed9243b3267b60e760e8b7af173821fa51aa599
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
5CN996DRN799MBB2XW7E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
159
x-amz-cf-id
bHqPcyNh7i3Xy92eME-mNZBdiOwX4shALaTWTnt2ni2i5Tp5xCCn_g==
edgekit.min.js
cdn.edkt.io/rNn9xk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3bcdeca8663ebdc7388dd720fa7a0c6fff4363b578edd80fc786f08d9ef02fea

Request headers

Referer
https://www.file.io/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 11:47:16 GMT
content-encoding
gzip
age
10354
x-guploader-uploadid
ADPycduIMjfJTrhuULOQJ9JRQmOd2u0q9_Ffj-eNmkgaMxHKdOYgjPv2M_hnLe3GexRLZzZ9CcBqZT9HWGyOftLNYjdOSw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7875
last-modified
Tue, 03 Oct 2023 15:04:03 GMT
server
UploadServer
etag
"8ddf9d0e2c82bbeabae4cf0a9afd0bcd"
x-goog-generation
1696345443918473
x-goog-hash
crc32c=C9jEaA==, md5=jd+dDiyCu+q65M8Kmv0LzQ==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7875
accept-ranges
bytes
expires
Thu, 05 Oct 2023 11:47:16 GMT
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:50 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
170227
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AD4tP1170i3wHVOK%2F9GSAEqy9xBM4HpBp11y3SSrEN6qtMsYEsFB%2B%2BaV4m%2FGjcfRRsfNuhBo59FD4vZ7xykufm8I%2B%2F43K6XjbiSC5QPiOeoPyt67ea4%2Bthv7Z2uHjekjDgKImDVtXS7ig2k6"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
810e2d3759a41e68-FRA
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.130.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-130-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:50 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
pb
ad.360yield.com/ 		0
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.130.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-130-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:51 GMT
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		77 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bbc3577dd7a765efbd18c5a3948a149a2896452b4eca1a29faed7ba2e5dc3124

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
v1
prg.smartadserver.com/prebid/ 		45 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3a94920451e39bdc04dab7854584152e91f12d7d65b87d50e3da90bb54b4dc0a

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		45 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f0d518cc783c3c6bae38aebf7385b35aead21ffbd9e7f86282fa57c2211995fd

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&tmax=3500&gdpr=false
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.181.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-181-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bce4bf1c170127b1c50ee9e5fc097505c58f72361ca1c606973d032296e16eae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
7537
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22233845e398f40e%22%3A%225c3986d1c2b45d45777d%7C970x250%2C728x90%2C970x90%2C300x250%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&s=141d075e-02bc-4ca2-9a10-3d978fe14528&pv=49e58219-9fdd-4497-98a7-ded6773958df&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.file.io%2Fdeleted%2F%22%2C%22domain%22%3A%22file.io%22%2C%22publisher%22%3A%7B%22domain%22%3A%22file.io%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.132%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2272fd7ce3-ac7c-43de-a5be-8dd2dede3a7d%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fd7ce3-ac7c-43de-a5be-8dd2dede3a7d%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
183175d699512fcce37611f805e4f0990e58feb16bda6bc3853df6be050c7a64
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
578
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
7a
date
Wed, 04 Oct 2023 14:39:50 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f0086d67682118d47f856fa6d02a28b59249cd2b666db7ea7f4d96f1e522fd21
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:50 GMT
an-x-request-uuid
43491f17-2c1c-4929-a7b4-9d03907b7bfd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
258
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		179 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7efc7b09232ae9af87d44a66d66a99500fbdf21af05e4172a02a7b50b3f9b8b

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
810e2d37699a01fc-ZRH
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&PageUrl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&PageReferrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
ba486f43f9263d607b547ebc3b7c0917663b78ccea1b8e3313efd3adc8519509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
20
content-length
180
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
v1
btlr.sharethrough.com/universal/ 		534 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9585ba445527f611a6db8f10ee5f94e235eca02c4122021ba027425f83dece02

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
293
v1
btlr.sharethrough.com/universal/ 		608 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2451fb3812f398b3504c2826c0608bb40250c681767da55e759af196d57194f3

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
378
v1
btlr.sharethrough.com/universal/ 		915 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
99eb7e4f3f684c60ea2c6fbff817d1a2c393788871a1713df848210e6c87b1bc

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
474
v1
btlr.sharethrough.com/universal/ 		875 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.200.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-200-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
95ddf7325e3f43fd39b3e18752179f50926a90dc9d232d8e4b5bc912caeca3ca

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
503
288
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff96f5463d8be80b3da7cf76709b313ce09cbcf8b1a51c974bfaf89aab27652

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 14:36:34 GMT
server
cloudflare
age
197
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
810e2d3829aa03e0-FRA
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:50 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
810e2d37aa4d22ab-CDG
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:51 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
168202
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJNsK5n8MdTdeqmVTx8rnHuVkUNXjuEUm9v3iLY5IfDtDE1CeprIdKb9MSgFCtWhYvtoljZ4DIIAIDcPRI%2BSSB6Em2QjgZ9iqzXy79r%2BsRjZo%2FAj1LBDOegKToKPJPtRgK1cdpUaeHQBXSoi"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
810e2d382a583a54-FRA
index.html
cdn.edkt.io/check/ Frame 61E9 		163 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/check/index.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3de06d17189e15796e7e8f2640a21b655c2d1562e0fdb88df501f9f3138ad42b

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28278
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
163
content-type
text/html
date
Wed, 04 Oct 2023 06:48:33 GMT
etag
"47b2c3a6d225cdc377a1def2926ff28f"
expires
Thu, 05 Oct 2023 06:48:33 GMT
last-modified
Tue, 03 Oct 2023 15:04:09 GMT
server
UploadServer
x-goog-generation
1690295959061648
x-goog-hash
crc32c=WnJJJw== md5=R7LDptIlzcN3od7ykm/yjw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
163
x-guploader-uploadid
ADPycdtA5CTIB7YQxrJAjufdEFJ0vF_eGZPArCoZBzbKJdVa4Y24WqtnlFlG1v1W6mybHm9QDYmx3n9S1uxCtRbpmii56A
prober.html
cdn.edkt.io/check/ Frame 61E9 		235 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/check/prober.html
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/check/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
38a94dca5d95c210a670a327db5f38030f7b42da54d7ee832a3dd77265b249a0

Request headers

Referer
https://cdn.edkt.io/check/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
79285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
235
content-type
text/html
date
Tue, 03 Oct 2023 16:38:26 GMT
etag
"a4b889b9bfd92bab5cf5d117cc7d6cd0"
expires
Wed, 04 Oct 2023 16:38:26 GMT
last-modified
Tue, 03 Oct 2023 15:04:09 GMT
server
UploadServer
x-goog-generation
1690295959055435
x-goog-hash
crc32c=WnrwwA== md5=pLiJub/ZK6tc9dEXzH1s0A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
235
x-guploader-uploadid
ADPycduhAWg7nUGfrHZwBm4sZL3yq8wKcTIafk4Fp28tDKvyFO5ONR3cDxwoBjuVHLvG19Ja4EaTHMZUWSkQXK6f_jFSY1-AMk0S
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50495
x-xss-protection
0
server
cafe
etag
8535594156683800510
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:51 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame F152
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
329 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
726915cf649f0a4ef8aafb5779af17c1a81526f981ff266965ac5b819751892d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
329
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 04 Oct 2023 14:39:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K2Z8SC8TZK17Z3N4XPKQ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Oct 2023 14:39:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HX35AJ6XX3G9H3Z83KC4
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491912848628584&correlator=1476008793299841&eid=31077231&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&npa=1&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C300x250%7C336x280&ifi=1&didk=1404109569&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696430391440&lmt=1687788000&adxs=315&adys=1413&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=414785464.1696430390&ga_sid=1696430391&ga_hid=1394946623&ga_fc=true&dlt=1696430389417&idt=1062&ppid=72fd7ce3ac7c43dea5be8dd2dede3a7d&prev_scp=hb_pb%3D0.29%26hb_adid%3D637370d898fb531abee85aab-1100%26hb_iv%3D0%26sv%3D1%26re_ve%3D4167bda5-v7.35.0%26pg_ld_id%3De3644c11-0e96-496a-b7d6-7018f7762746%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DDE%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dfalse%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dtrue%26hb_bt%3D2023-09-27%252008%253A44%253A38%26ta_si%3D728x90%26aw_cm%3D118%26np_md%3Dfalse%26cm_st%3Dloaded%26cm_es%3Dtcloaded%26cm_ds%3Ddisabled%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D%26tpcs%3Denabled%26bf_br%3D29400000%26af_im%3D29400000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=testgroup%3D76&adks=1850949067&frm=20
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
639ad05381102be1db5b007e62b776d0acd1b082a6f9412dedfe7490a81be12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12356
x-xss-protection
0
google-lineitem-id
4753675196
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491912848628584&correlator=1476008793299841&eid=31077231&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&npa=1&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C970x90%7C300x250&ifi=2&didk=632356620&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696430391449&lmt=1687788000&adxs=315&adys=213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=414785464.1696430390&ga_sid=1696430391&ga_hid=1394946623&ga_fc=true&dlt=1696430389417&idt=1062&ppid=72fd7ce3ac7c43dea5be8dd2dede3a7d&prev_scp=hb_pb%3D0.27%26hb_adid%3D637370bb889c301e8e7ad53d-1101%26hb_iv%3D1%26sv%3D1%26re_ve%3D4167bda5-v7.35.0%26pg_ld_id%3De3644c11-0e96-496a-b7d6-7018f7762746%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DDE%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dtrue%26hb_bt%3D2023-09-27%252008%253A44%253A38%26ta_si%3D728x90%26aw_cm%3D118%26np_md%3Dfalse%26cm_st%3Dloaded%26cm_es%3Dtcloaded%26cm_ds%3Ddisabled%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D%26tpcs%3Denabled%26bf_br%3D29400000%26af_im%3D29400000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=testgroup%3D76&adks=90772829&frm=20
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a494581111c7a7e5ee358ae38e2d439bd7293a2a6d7207a9eed7be602188357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12268
x-xss-protection
0
google-lineitem-id
4753675187
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c99f1c14ef37296dc00166cbea46fb829461edd8a6717227a421201657abbd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12065
x-xss-protection
0
container.html
3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF54 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:51 GMT
expires
Thu, 03 Oct 2024 14:39:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid
aax.amazon-adsystem.com/e/dtb/ 		159 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&pid=7Wg0delzsqYVU&cb=1&ws=1600x1200&v=23.919.1525&t=3500&slots=%5B%7B%22sd%22%3A%226373734998fb531abee85aca-1002%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_6373734998fb531abee85aca%22%7D%5D&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A5100%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2272fd7ce3-ac7c-43de-a5be-8dd2dede3a7d%22%2C%22audigent%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.93.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-93-173.prg50.r.cloudfront.net
Software
Server /
Resource Hash
7acf5f489a5fa3ce1693a93e611b5dda998576b37ce2269a28468ad932eefc9a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
GBA2JPJ5JP92WM5JR39S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
159
x-amz-cf-id
-RGLfKer3OAIXiBJzh0IyKtLUe5QF5OOBO4g_y8UORw1QwIZ4R2zcw==
spt
tg1.aniview.com/api/adserver/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=e3644c11-0e96-496a-b7d6-7018f7762746&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
4edd6bf62a26028d4999c3669b617e8b187187f5902d94a74f8499cbaf02f170

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
vary
origin
x-hw
1696430391.dop264.fr8.t,1696430391.cds057.fr8.hn,1696430391.cds223.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
7087
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:39:51 GMT
v1
prg.smartadserver.com/prebid/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3f2ba27cc5045d65cae98b800470bdc7f5c046360c8b16ce25f3099e1090412

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
7a
date
Wed, 04 Oct 2023 14:39:51 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
trinity.json
apex.go.sonobi.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2255b58be2c41db26%22%3A%225c3986d1c2b45d45777d%7C160x600%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&s=83f4dc34-2e2d-4804-8fd1-5640f1729e99&pv=49e58219-9fdd-4497-98a7-ded6773958df&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.file.io%2Fdeleted%2F%22%2C%22domain%22%3A%22file.io%22%2C%22publisher%22%3A%7B%22domain%22%3A%22file.io%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.132%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2272fd7ce3-ac7c-43de-a5be-8dd2dede3a7d%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fd7ce3-ac7c-43de-a5be-8dd2dede3a7d%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
5074daa080e1caeef1da9f88d51ba9b05a569dc7362e260d931f932e89b2e44a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
598
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		143 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4f2e4e9b9cf3253423296719e2f93be860fe6e11ae54d3ae5e1986d8faf18914
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
an-x-request-uuid
d952371f-63b4-46c0-8774-8c845fe42676
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.130.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-130-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:51 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
tlx.3lift.com/header/ 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&tmax=3500&gdpr=false
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.181.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-181-121.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		176 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0a63e2bd2d93ba8e217d90a29b48c3e0176a91b0e1eaa335bb83240103b92e

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
810e2d3b2fe201fc-ZRH
expires
0
611a1881cd22c87dcd063d22
feed.avplayer.com/backend/api/playlist/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/api/playlist/611a1881cd22c87dcd063d22?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
97161b52bbb897b196b58f31c9ce8d660f913d58c9f0de57b31e175cd6bbec8b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
vary
origin
x-hw
1696430391.dop239.fr8.t,1696430391.cds339.fr8.hn,1696430391.cds280.fr8.c
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
content-length
844
avcplayer.js
player.avplayer.com/script/8.3/v/ 		456 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
ac6d745064a12deccd8622d1116b95fe023c54cf18623b3322c872472a2529b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:50:30 GMT
etag
"1695901830"
x-hw
1696430391.dop270.fr8.t,1696430391.cds053.fr8.hn,1696430391.cds108.fr8.c
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
134629
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1696430391574&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=&d66=8&d74=&e=playerLoaded&cpid=611a1881cd22c87dcd063d22&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC57 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:25:04 GMT
expires
Thu, 03 Oct 2024 14:25:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6BAF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87f760f3968573d056b5f11771b25c80a9db025f9fe1de433fb581cc426ad2ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1hMtld98iaFrC6pzHuabiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1hMtld98iaFrC6pzHuabiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:51 GMT
expires
Wed, 04 Oct 2023 14:39:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame EB9D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d326e1b799f2e5c3a88a292f2cf5c480be98539f9a7b6ce61fbdb9b9c9bd2005
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1737
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 04 Oct 2023 14:39:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
34GM7KW02MBN7S1QSWPM
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame BC57 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 13:13:14 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
33002871c65b860e5af646b691114a429475b4b35c33538c16287f20937e7c5d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 6BAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=2491912848628584&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EB9D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4675a75b-4262-489b-9956-4e00d71e4528
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4675a75b-4262-489b-9956-4e00d71e4528
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JX48HKQS5FEQST9WKXN5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=4675a75b-4262-489b-9956-4e00d71e4528
date
Wed, 04 Oct 2023 14:39:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
onetag-sys.com/match/ Frame EB9D 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EB9D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1696430391776
  • https://ad.turn.com/r/cs?pid=45&rndcb=7233123317
  • https://sync.1rx.io/usersync/turn/3736268900511119604?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-a5bc009a-264f-4517-...
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XCVXJS6VAXJH21SETQYM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003
date
Wed, 04 Oct 2023 14:39:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa5bc009a264f45178f25feca7a950cd5003
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame AF14 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Oct 2023 14:39:51 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 75CB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2762954008211025756&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2762954008211025756&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
82QF5DT883QPQQSCW57P

Redirect headers

content-length
0
date
Wed, 04 Oct 2023 14:39:51 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2762954008211025756&gdpr=0&gdpr_consent=
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D804
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=37f3182e36c7a31e16455edc85f8b3d6
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=37f3182e36c7a31e16455edc85f8b3d6
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CQ8PFRZS8EBSRJ6EXVVM

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 04 Oct 2023 14:39:51 GMT
expires
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=37f3182e36c7a31e16455edc85f8b3d6
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A6AB
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4419242845649292636937
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4419242845649292636937
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6FTQ8QKTW0V6Q0S5D0PS

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 04 Oct 2023 14:39:51 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4419242845649292636937
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ads
securepubads.g.doubleclick.net/gampad/ 		554 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2491912848628584&correlator=1476008793299841&eid=31077231&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&npa=1&tfua=0&tfcd=0&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&didk=1786973170&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696430391739&lmt=1687788000&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&ga_vid=414785464.1696430390&ga_sid=1696430391&ga_hid=1394946623&ga_fc=true&dlt=1696430389417&idt=1062&ppid=72fd7ce3ac7c43dea5be8dd2dede3a7d&prev_scp=hb_pb%3D0.08%26hb_adid%3D6373734998fb531abee85aca-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D4167bda5-v7.35.0%26pg_ld_id%3De3644c11-0e96-496a-b7d6-7018f7762746%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DDE%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dtrue%26hb_bt%3D2023-09-27%252008%253A44%253A38%26ta_si%3D160x600%26aw_cm%3D118%26np_md%3Dtrue%26cm_st%3Dloaded%26cm_es%3Dtcloaded%26cm_ds%3Ddisabled%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D%26tpcs%3Denabled%26st_ty%3Dvert%26bf_br%3D29400000%26af_im%3D29400000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=testgroup%3D76&adks=2224704849&frm=20
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78cb75a64f2216af868c8c7fb05e9c31925cb96f5112abc4763baf1a583c6741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
id5-sync.com/gm/ 		276 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
41bd2a5675e793a19a555b166d4e73b888e4e1c68ab0e3bf3626a1d53b134c41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ui.js
player.avplayer.com/script/8.3/v/ 		372 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/ui.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e853a62d616234d773f6dbf597bf118e1f37f5d5ef412b41c9973d6aa1e66b66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:50:30 GMT
etag
"1695901830"
x-hw
1696430391.dop270.fr8.t,1696430391.cds053.fr8.hn,1696430391.cds342.fr8.c
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
84738
view
securepubads.g.doubleclick.net/pcs/ Frame 3A6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz3gHIQp32YigVMzh7tU5Bop8qg6uMdMeDDi1xjt84cizPcF1RQ9QB5afI540qPtWfTdA99TXqJNzvwp9yVSvcmcE0VSqbOkOrctCLo61tb7FxuTV0L9z_L4wwNWyPQKRWEQbtCOvfy03JIDfmnu34oGFlR16B7UjLgk2BGzVwyXpbYsYO4SNde1KJM5gVeJjgW6q9CR_3rY2XbYPJqXHDhh4Krp4IDyEDEA8RigA3fDEB5QiWsNTy84l4sXLAHtSwuFn4HL0OTQlZbjBvmUyLqgferAUXYdzFZGEEEuIM7SVF9ufViFKMBm2G7FOB11-_PfSgQirkjo8J287ClLLPV0WQbj97zxGcP3NyC277ZyFqTl9qx3xZPRUg8zj0pvAVlA&sai=AMfl-YQ79J3Uo1bzvo4VJqbjzCFC2aGQBlF5GNOL9MMMJZOLW0E24m2MVlywRw_rpUZ4UyxZL8lnjk48oLZgq2aIWgypmy8gpEoL5662SpuoY0wFg7hfVvct7cTz0W6pCCx40YARmA26NLHUQp0SewyZQ3RYZlXLFBTssHghJD3gU3YP&sig=Cg0ArKJSzBHnzt2ce8HTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 04 Oct 2023 14:39:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A6D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:51 GMT
usync.js
eus.rubiconproject.com/ Frame AF14 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505951a64db6a022566f5a00c860ab78c11b99e53cc8f3ac2af43c87b93d0992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 02:48:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43749
Connection
keep-alive
Content-Length
10463
Expires
Thu, 05 Oct 2023 02:49:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B8AA 		267 B
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVpwk26EBIWVOiwdHSUp6KjjBPwnnx2MiG6ap3uHaA-_DOAWXUWLjNBTn5DiLid0hEnCVd6H84xIdFs2Gq46KsT-R548g
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:51 GMT
expires
Wed, 04 Oct 2023 14:39:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 357F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 357F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2HUlNDf2cMOZxj3_MUkXQcOrhI2G2rbokTBYQX7Vun0REc3oTCFxVM5sECt6MtSnmkL6LgNUaun0qY_5BDW9zs7qGVV_7wj8L6If1gHUQYazAM8U
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 357F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4355175450309928404&x=6&ct=76
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.130.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-130-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:51 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
sprite.svg
player.avplayer.com/script/8.3/v/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/sprite.svg
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
3b9e90a5fbc13fff5ac8342cd2af0316342cf5070859cddb621b3ec1f94896b8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:50:30 GMT
etag
"1695901830"
x-hw
1696430392.dop239.fr8.t,1696430392.cds339.fr8.hn,1696430392.cds164.fr8.c
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
4831
AVmanager.js
player.aniview.com/script/6.1/ Frame 9C1D 		475 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e600:584::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ac31065e47f40e77ea0fdb52a6da8a0965185f865c5e2a00e185c1b778f10eaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtLocHi2wXmaTCNJDj9cjXZLEZKyjFPmorPQiNG1r9ljMQhKBX1h2HUJ4XqeOyG0fPHrCqOR_538gQPWzW6F14sBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130421
last-modified
Tue, 03 Oct 2023 06:15:56 GMT
server
UploadServer
etag
"9ede50663ae3a048024cb125f30cc6c4"
vary
Accept-Encoding
x-goog-generation
1696313755856301
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=11c3mw==, md5=nt5QZjrjoEgCTLEl8wzGxA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130421
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:49:52 GMT
VenatusLogoVideoPlayer.png
play.aniview.com/5f2063121d82c82557194737/649e849ff783dea147003ee4/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.aniview.com/5f2063121d82c82557194737/649e849ff783dea147003ee4/VenatusLogoVideoPlayer.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
0e6793d503dab31054f9bd9fae79408db374713aa1b8524b678feb477e292b1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-guploader-uploadid
ADPycdsnKUe3dahn_QgZv1zG5zwuHZVNba7QLFU5b84HCaZRqjadSAmIrFL6lqQVoEBXMS0uSrX5kF3kW5zz-CUM2cptY35tcIET
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
22280
last-modified
Fri, 30 Jun 2023 07:30:46 GMT
server
UploadServer
etag
"828ea356e578f2461851df4c764afce2"
x-goog-generation
1688110246115598
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=S2ZCWg==, md5=go6jVuV48kYYUd9Mdkr84g==
access-control-expose-headers
Content-Type, range
cache-control
max-age=1800
x-hw
1696430392.dop264.fr8.t,1696430392.cds057.fr8.hn,1696430392.cds344.fr8.c
x-goog-stored-content-length
22280
accept-ranges
bytes
large-poster.jpg
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/large-poster.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
73dcbada170d574260e860070597159c83851a7b526b0fba9dd497f1267a8254

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-guploader-uploadid
ADPycduL1_uI0VNOkfOHBdleXUMJ-OKQdCuJyZeG2pqgvY35mGwkX3qON8mnz2b5_WtZTlTYLebwbYp45OPUXa4-4bKaPy8Zk14P
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23486
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"bd3186ff36ffdfcf7f2ad985fa02f7ed"
x-goog-generation
1677153097278222
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=tBzdQA==, md5=vTGG/zb/389/KtmF+gL37Q==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1696430392.dop270.fr8.t,1696430392.cds053.fr8.hn,1696430392.cds149.fr8.c
x-goog-stored-content-length
23486
accept-ranges
bytes
khaos.json
token.rubiconproject.com/ Frame AF14 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
generate_204
tpc.googlesyndication.com/ Frame BC57 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r9HKzg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame B8AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJ4IFlYRAUHYDberY0bYrsA&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJ4IFlYRAUHYDberY0bYrsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=acaa4a2dd248a4f1d618b926cb5d9c51&uid=acaa4a2dd248a4f1d618b926cb5d9...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVpwk26EBIWVOiwdHSUp6KjjBPwnnx2MiG6ap3uHaA-_DOAWXUWLjNBTn5DiLid0hEnCVd6H84xIdFs2Gq46KsT-R548g
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:52 GMT
Last-Modified
Wed, 04 Oct 2023 14:39:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8AA 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVpwk26EBIWVOiwdHSUp6KjjBPwnnx2MiG6ap3uHaA-_DOAWXUWLjNBTn5DiLid0hEnCVd6H84xIdFs2Gq46KsT-R548g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 172A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT6Ao5g5DxdsdCj3cH0bj1waDeK-QWhOwVyxshIFWCgcC7D2MmFi71ZcZwpUXBWvFjiohA6M5VleoBj39S1FHhev9B-UKuZHPT_sn0xI7SQ83-YpbUsoMm8UBiTPQoaOdtidmFjTohmlgNG89AJjiX4j59AfkrfqKuPYKRaIctBQRyEuI8W0M2PNEAjFK_xTXlkqOVUEW0w3aYQeRcW2-PjQFlkOkvm1r7LIhRJxgUSAB5jpRsG0bfWmE9Z_qweoB3CU692OnD3lsTYPb1DGBhuF7vLGrw_H58mrBVliUJsCPJpUgy_9iFUBjwK0e96pl46zmfAKIq6bypqMPyaZUWwMttEqGj8XwnGff-vMoSUwUMMjjYzD-sfWxcOA3dBShZ9g&sai=AMfl-YS2Mxp1JAxNVXMvL3_3XKEjSZr8d9WM6j2_ei-m5Ayou-CCJQaa10KPR1-VOYtMjUz9n6hiGOEojBjruFJmTh4wly1K1H_LbqZr8J5dGGuhcoFTlftdAYFbMPR4afyzRi6ICa0s0GgNfLyVH9niOMbSwhOfeiYFdzwmvJVowXc&sig=Cg0ArKJSzOVvYaNlrur-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 172A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:52 GMT
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-guploader-uploadid
ADPycduPNxSqtm0zerYRpjebM0nO-7fM7fqA7gkQMSl55cdph4kAVGkaHqOoI97UnCdEzVafgbf9rd4lZlciHl7gmAgSHSzDkNEq
x-goog-storage-class
STANDARD
Content-Range
bytes 0-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
16354257
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1696430392.dop270.fr8.t,1696430392.cds053.fr8.hn,1696430392.cds343.fr8.c
x-goog-stored-content-length
16354257
accept-ranges
bytes
pixel
googleads.g.doubleclick.net/xbbe/ Frame A5E6 		267 B
270 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVoOdoJTlWZodT5_V2Nilumk7VjGwt5V8xIOE80X9-TiZo-tub6jMhBJFQ2fWY9j0ab94mYOFZzEO3OHkDGAPs1PGTaXw
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:52 GMT
expires
Wed, 04 Oct 2023 14:39:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B560 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B560 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bec9frvbm1yfaWrTkRcfli3KCVWYSvMSGb27X992OZz-XmJD0h4tmmHo-LM-GAXbXB2TbtVDB2jlBUMp9cIIusBznLx5ALt2LBsBE7si9WIPRBWLM
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B560 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17994456145118480865&x=6&ct=76
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.130.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-130-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:52 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
view
securepubads.g.doubleclick.net/pcs/ Frame 3A6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4WY2T4nkxR66u6pLxBE9AzqCaKi1Ontu_dA25gb_UBis797fSrNuwCmqqFGGMZL-BdaQnHWNlCG3zYdkwfgu-6JcbUPlg8rG36HOahYu1btQn0yf8pHlMRi_UjNlOS5y4NPO5Od6qFr5Bip9CHMcmv10PfpcBNnFnzJoI2PUGXwIFZC6WY9LHGUbD3Nh5QjlZfhiLScrWr6yvJsKYZfDzXTQ3_2c_HFzcDMqf2RxAGRkrdoGM8l8Vf6l0YFio-YridVXNtkOs6TwRpfShCNRVylOBs-6O5FafsjSVoGTrkJ59m5p-aKWT0bX84coGJNoVB5kH3E3QoMcok9EwmE-3p6-7tQBtedxXSjwL_AhBwjOkqt1Q8rrrigtngeVcaQIlfoBF&sai=AMfl-YRfr0De8IKXqb2A-tlCK9t2UoxSWTEcj1qhdeXDAIhr6Gnk8tBgT7PNjZm7HXo9LNNJiFvWHrd5ojm52wOgABwBJ5qOTUI2ZaB-dv588V1B0gPcwKLSptDuMU_2srzxmpCVe86XAShVJ_WToFkFPoRIY2YKCppFkcN5H2RYXJ1S&sig=Cg0ArKJSzE3sMZNaVlC9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 04 Oct 2023 14:39:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 357F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4147951328006&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 357F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4147951328006&version=m202309260101&ct=76&x=6&cor=4355175450309928400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 357F 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APu1rudbahmUNAuA74TWc_E7R3UfYOQ29Rdef03YXiXHTFOOZxZob55y2lQpoLUcYRqIQa1tivtWeTFGtXSszYLGPoeXUFEG7H0c8-Y9X0tfbDiAik6i6dOzLyiUSPd7PbiUg9e2AT073OGsQfUAH_NGkUzOT17vZbEiQ1tWq55Q89gdw&dbm_d=AKAmf-DZOOT1SvxNwLy2snRq6l-NW61XRe9naj7NMewjWFClC1_xooYMZuTR4MjpK1tTflXxHzmjjQ6aISSMDLrsu8I2FGk0r761qtVg0NUFqvh4hkmjlQ6qY_JbCAQpFhnooSuHuZpJ5Kr8cxNKGcpig9UqvEL3AFV4VjAOFybvkEL1zhSdJJh81qr-wlcBtGIwE3ThkdvUAHGWuGMPcJoeXJAtM-vPgtqFeseDDu0nrAUPxzg0jJMYi_yt5RyzS0mB9mMd9YyhcqV0Q5HeGqgE49HatOn0-tQfsji2BXibVk3daCoVWhsUVK2liwz1Nt9FxEgb0vWCDbH79wQFrTwgK0bjJFx3881s_iRhpdqGuVxt3LQTw6IDYN0Tg9nxbr7JHsNnqbFS9on8eDlPU2R_5tpEQGg5xCiCkF2f8A6p6-lI8Kl8CMqubIYWHrvLXdY__DdgdspIRkLCwMxW0pYfnNzL3l_j_TwRC6WHh8ehjMGVaE80F3ApDViXYqBbjO2NE8KNcJXBRGuIxgYeVdAjuO_L8w8Cttx-JMlW1pacPRou3jdRxbM7qFDueI5DRRN360JkCpoX6mDuuYl4xoCj8pbyRc5X2MUFXSt5PAh-fxj-UtQccMa0ci3rkWrGim-OcowLKf2ht5P-RPPyr_rqBhOTppo9NFal3xXub-Q3wh2HTLxMm-nh7R6kwhhPD-qa3-e72Mf0gYTTocZW654J-uKQ_yd7tcfq61FESvx3qDeSn6b782t1zB_C32uo0-mUtt4KPhquJ8RkfukJckf6l2xdQkXU8nxMfgKtAItefQ7Uuh2cTQWuJAOkvQWEz38PSoa6mxObB6_uj_1r45z55q5WMNQCTxuQ5uFzmuSRMWRxZTVIhSbzWT9ICMYYlMqMnX8bvDId50xQPUzdttHjRZ8VZ6v8oAanJWve94aSzLNVLSZCLUy0KovNyCuIlu7ZavUmKmNoNCIWuGlYaW6g8o0Ba4w2yRObQyV8msYfMymUgqu2g2eECPlUQedwasbSUMI9e6Ny_YfUimC7_DhRQLNAw9DaXIfovC-SQeY9tSHmiOdf4F8Ddyq8jlFWwc3tyXqNhLZrhBcurOpQZ0mxKRInc49Q9c-JlpnmGWKb-AddQK9Xnru2Z39rgYmlF7OBwiM0kD4mRnspxMsydHiVvHGecCd6LZT4xWYGkDV6bJvgDHqVwk5_YzZTGmb29seg6xWin_qJ3ucwvIpOsGpvGVU6MZWA7aA2DUK0XeSaz42AqklWdeG82Yak821xyVe2zE2CU8TetHnhaEYQlVELPHfqc2kCcxBSnZC-p6BH6hOxqxdfXJ1-XqTQC7Q5pwwv76J9aUiHTu3y7gCtAGY8ukmsUNPMTHWhIqD7D29faZzmUOt96CXIe6h9AWxlff53EQyf_bAhkrYac3nUDATGWqPT8HA1i6Woku3iwwVbckLTjK_RkzeqBPNHMNFBU9qLEcJiCcDey3JNy4YGqyRfGduF8VGhugTmy0Q-w-HwKTI8AtXIsXZtxNrZvt4XZFM6kJLEywNIGjgij-r87Ayj9PXQB9u6sef_B64ciag3noUJTSnmBabNC7-C1yVEye3QSuAx_JiIn9e_NafoZKSu3zwHxKWBKZaHaQrsSz-mxeSLO626U-XZS4fRtkATWGClQftXPJ2Ur-v3MiZ9V051iubYu-kY1KQL0gwBprHyzTLTtBtZ3KMVBitJrEqN3mTfYqa_8RbtUfDXcLAzWjmcIzSdmSMBO76WgYVL_xUUTkwZB4fecu9PU2GdJcc-oUMpo_LtycMsZfd_rPRHjUpCDIvVUaGXoMJpIMuCxZb3D9PTkK58ZVbwRUDbTrNI64v0jmh566cvXx0P_dISLQLJCuVZ6iQO0Y9cZrw96v_ZfCE-80g8krU04VrEgjcSF2TMloNnSp1dXmmRarjE50qIanPPSfS4NRxB8SYXfupqiHrGqIpcYSu05szfsi5-XOccE7cSFyDwd72Hx_peiHSPDVrwN124Y07REF3lxamEjJOpC3RqXBQ_JbPn1BeJ_xjIwIJikizHyueU-7rAOx_bbHAuczbOoBe0j1qYpqoKf-a9BypbJpGzPUEPxw2G8Do1-qCBPO3cGx9vikogPM8tKALS2hG39damB5RqLVYr84Jrj_Fie38IgMxfBkVsqSfGjaywjZAjmBYOYuE0W29Kryzi2mXfJNzIdUs_t0uJOAUvS1AwMWkWm3_TwYMEA9InB7exUYk1Oi6v_OtiNDtyzuFMt19LQsL2irW4qCeTCaTnQn1CdWCoKKUo-mwu26EOKKr8tKl1OiNRCrZ9JA_xCH8cNdF3bUVTmFUTES_90-iJf2maxBgdtvZ0VWwsZcbAeZBUd4BstfVxb87EtZqcqEt1phloM0X4zTlxBlSO_XGfvkGUtdI3tKudOIqKmQdxeumjjD8wEkmjlLZagBop9j9P8dcccP4iANLV4vfSb2Qa2nUXyzDX0-CQFcZ82IKSdJOm2Re61fMpoihPSvNNnQxvnjgtHqFOgWEyp0M_RB2JT4N40rJY88oVEb3r3ayhkfZQw9WcA1zZUArhQTWtplIEoqDvGNt2719DfMab2Y2IkDTRKF-Rj0oxFrxVdy66SH5ak0ETwEZ9RwmNohTY13N_HHlo9P_cT4Tl856Nvd5a9yNrgQqEXEzJA4ly8KFPJV4Sy4a8DSPPtW2AXYaB0XhcNdogib_PWMryCwJg_AdecFRwIAVnpBLiCSJHx8ZtI37tkm8AImgPB9-_xlbkOOBZZR0n4iYJp4uCFdtXf7l15BfKD45WOQz1OqkrQic5Sp2JzzCAhKNZ2L2Tby0HZ9Ya-YYIPtroAF-ORePs8o66ca__40aKfYrJKvyBHbkXbt8wqv_-Y62ykk8pwxPlFmFbUG5CsJsPbn2xbmQfXTafxHUR4C4IwUxZR0TGfwYsAGyhpedzA3-4tkgPq2OPkmZ6j847uP_LBoBIeLkTbTo16ZTLI8YSoeKFIDm6aEWEGJvrckYDN_qEeRyE31IMquW7941eBKMxnpTbHRm2Ybm_gVh4saETpGy5Jq_WPGWyDZ2vYGym8_iMxYTceiADR-a2OPYNy0xXXSLCTzQHGHEDzLilnDeENQZ4drjJhB0XuBx02rItVpAmLErU3ya8EWDfeI-HXoM_5rkTIK3HeYqB8VoG3PvGnw2M8HSrAKggG0Xfw2M7U7M3zro51cU7_BchCqRnmQ64qi-3XgbN-HLSFmXaPlsv7hPvkr3q4jzpi6Zb_FjEgjeG59Z0TCYNvDMX6VEfz4JfYNZortPQ23ufK-8KsD2h4j50BFEjAN5ZG76m0vAoCWHA4blzMkblaFglrBEb8BvpU1jndmao0rtkkgAV3rqt33uhI-mjA3gyZHILUgRs2_vyJxkNJW8VdCC8FmafQYIw0h-G5T859uDxlDwBeRnjtq_TcqV2glEIlOnlIqp4b9zu-bV4q3CxCf9hOrG1Jw&pr=6%3A0.322721&cid=CAQSMgDICaaN51w8buZNXogpNOEUzvlWV0O9E2dDlcMSUgd2ZY0QpEjwowOaYyFFp9QJ4Xt9GAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTIzNCZzaXRlSWQ9NzAzOTY3JmFkSWQ9Mjg4NjIzNSZrYWRzaXplaWQ9MzImdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD00MDM2OTY4NjMwNjM1ODk5NDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9N0NFQ0ZFNTUtRTFFQS00QzhELThDNDEtNjE1MTk0NjFCNTQ4JnBhc3NiYWNrPTA%3D_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&ds=l&xdt=0&iif=1&cor=4355175450309928400&adk=1870476868&idt=170&cac=0&dtd=32
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
255c230b3ccd6029e71b9df389e7ed54949b02f41a830c55a2b64013ca789cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AF14
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0&khaos=LNBUUS3F-L-G04A
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LNBUUS3F-L-G04A&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LNBUUS3F-L-G04A&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WYZTXRRP3N8TT9YQDXET
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LNBUUS3F-L-G04A&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame A5E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEJ4IFlYRAUHYDberY0bYrsA&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEJ4IFlYRAUHYDberY0bYrsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=acaa4a2dd248a4f1d618b926cb5d9c51&uid=acaa4a2dd248a4f1d618b926cb5d9...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVoOdoJTlWZodT5_V2Nilumk7VjGwt5V8xIOE80X9-TiZo-tub6jMhBJFQ2fWY9j0ab94mYOFZzEO3OHkDGAPs1PGTaXw
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:52 GMT
Last-Modified
Wed, 04 Oct 2023 14:39:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5E6 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDLynYY_Yun3QEwAQ&v=APEucNVoOdoJTlWZodT5_V2Nilumk7VjGwt5V8xIOE80X9-TiZo-tub6jMhBJFQ2fWY9j0ab94mYOFZzEO3OHkDGAPs1PGTaXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sas-banner-1.4.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 2A7E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.4.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
778205696539bbda569700aca1c63d9382998926eb92f33f60a248a49715afe4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Sep 2023 10:04:10 GMT
Server
AkamaiNetStorage
ETag
"45f463e1d3264474aaabd81bd7f915f5:1694687452.84434"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12792
view
securepubads.g.doubleclick.net/pcs/ Frame 172A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL_qnpiRmBAVLJCV9peucUYpVjsGmhy1IxlePbb1SBfgsuSymrqPjMpx5k8YsQkD8FrA5x_FSMBh5mc4G0hkoAIifGxWoyYC2V0tYxm_KZeZ35giwxz9Nooe3kncEm-ZKYAxqhBJeEaQmTSD9jxba5dfjZiA3n-3uFEoAlSkekLrZf0G7p2qub9M29g0-fO_P_CGQwFnCQ_jWLIgqSZcZMLbNHs6Pc9d2bRtPo07SunSS7BSk58zf36_1HERvmpM9YBeI--wafIU-nnOH3zrXfFxQb7I4CU_kC7wXKBaOY1K7i_Z0ArqZohRc6psUfJj4swNFNq5k4pChPrJjmDOw9_QJJOQuA6FvnAmLhSmqP_NiHqgJEgNn7l91olLqhgcgNABhr&sai=AMfl-YRtCdZIpOOHXLpLODSHXE6qT-xn1J4QnRliZsxUiejwD6CWZBypNZF-fHynrX6qk30xQuTwBRqVJy8YmjHRrBkxYodhaoE5Ql1o6W9FHaYROUgNFxKmFQ3NWdw8UKQPZQ3fDGmoneuXjGBCqjIjksEC-6Suwrhiji2nfLbQtMg&sig=Cg0ArKJSzDoLKLCxLK1VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 04 Oct 2023 14:39:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B560 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9142203151122&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B560 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9142203151122&version=m202309260101&ct=76&x=6&cor=17994456145118480000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B560 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnGJKgRzLeM1taIMiXMycxNY909w8-_fEQQQNR7t336syEVhBf-naDjXfmFu4zpbQZ6lOxsyPoc-xbDQtwgYt4ZfKeJLGGHy01ycO9wNmwCHRZdTWVHYtmu0cVPh0DjbmmaDxOOWYP4gernr6vLJuK35T47CPBUMrwYno41CC_u6N4rdo&dbm_d=AKAmf-ANbmnF6EQ5eHZAplG0dNZZPTD__7ONVgJxRVgx-R9Nt1vs2oFncn-yvioLOcAIKCqY-CPQTqNGNoIPySc6iVQPby8Jl_uBd0YkA25aJQX_i3IB3ini6t_5wWpHnaloMneDNgoiVBpiQIA_tBZUzMxgDLreP_3f3jPev1IeuDfmCfCg1-5ZpfkFZUgUuJS80DD8w9-DdaSVtvMCfYXcuPNYqMyltfcRti9UiPVF-2K5cVWP14iIEqraVoB_Srn-i9NDE0O2O6qMXqXNcdH2YzJIPJta4O9kYGco0mhZLgRtHwgPzD6F-6y6JND8t57lAuyhkQMqY8O3IXtBu-Gd3NZxLF0in80vZoams9FBS2XfQQ8-pY3DQ0T4LoXoUy_kHOoE35XJSZEXILdekxq2DwG8tlZ9HaWtazotta04Pl0WaPqyxvGQvqnHYmdqjWdvQBT56-isWP7xMB6C2hpcCo9m65naRoRX7hkYsec4eodkR1112H5SjI_Z2aoTtX7d8908RGi8sg5S81CT5K1Y4EuVOKGeGotaM6NJIe1k5rknG4gy8Ap5NeR4098GydXPyRE-Q6EvvDMABGn8spH_C0BW-E4MA36En5LcogCg0Sjk1cuRO4kEBR5uJ2hB2acb34xiwpOe4LzjKYCzMTbL6JnU6UNlZWt253RDaFHkJYxIWOCg80f8OdeNnypa-qm8NH6qVbF5WTBHPPzxr0rpWulqWkEbNReTYPfcNSQe9p3TRig-uEh23Xt5aAaq9PAeBeTDbbC8WVLQbb9Yz7U2FEHPfLVCVq7zv0dNiOwhXHJSAgPY_d3Sr6SIMBUxAjU4zeMip6ATqv6xQ4iEELH1NJvo7P0GxTVDF4fpa3kKLSfToNXXe--9u8sLwkpRA1J6w41WLyFsO10UueUyyS7rVb2a1Fn_DE6msCGOG_crrv38WR3hSZTW8RoSIzHqnJ322UDLaPq6nj7Pz5pRqkHkzk5PhB5dEvhSVN6pALwji9DpopkgIZLd8C4qM3DW1CJq_bfYSXo9wXkozluTRmFDuA53fwMjvo5QZvEEcWD7rxi9o_6a14z_02GDfAnKSSOgwrKtDp34bdtDC8oR_fx7vRrBnwfORumpeV6Cc0Wq6gL9HqFWVx7fWsN_tryhzHH2ylhrnHxQISoRsMNB3oyU_PU4cSGP3YP800VyQj-X5I1gIP4C-nsKP3NLcf2tmNQK06ZmEaX5FCNdBVtH-k8izM2x2MEt2hH5QPrTwyuaIqg1ShqgR9yIoGRCXWNLY88uoGLGD2bU9UAo3qXVXL4hHcMSgRzAb9Xd-TCnJFGUXJ8Rp7GRYLiwhq5Buqj3bp-OOFgeCBwguK3NwkRfDiydu_GvwrAoVUZPiuY5WDnIY_YFYiX2lc6owGCkY6qfU4PpHpu5uEIS2dPXbBX3Bb8DEUEL7wN6wPx9S2G2qs3KtIGiyzWTP99cUE49BckvYEBCOYVfuTZ7vOB7d_Co557Yv55HI9b_O-Vn6nu4DHL-eypaMY6c6bhPbPO-jSblprP7VuDzzBtfQXAVRVUFXGIVMUkJKqmQL4RP8m-F5XuMURJFBS73nUchzw6CsL4390IZv2hW4tFjDfSW1R0bpFh6vJ62csJ6LB0ToEhRK1F26W_Zg24To9GAT0R1PXlBzeKvjMrV5iPi2g2MghhZfAa51CyPrrMaRDtONl4xqqa5p40pz4snqoM26Fj8Vnr5bpvHFMLRz6VcqNBbIiGv509XDQccna5LXTC2BCyTZ0ZsFBvd8z9Rqukr_iYhvhWtgAVQ7r_AZYTdLfAktywLOv6heE0oUyiW9LqboJjuHIcp9dM40dOTwf1R_atmN3RkNvr5x5s_t5TPP3xWjbPcLVxRFBYCtWWSoy6n-WElzMCCdvibBCjUumAooVZ6YpvNvd7VBeQNdlahTNrMvHkm3F7Vo8hhBB0JjYDv5iRcUm8XBLFhDr1yv6apP0y-IwYxIePv9_nKkmizWIXK-ywXGGP-zOjdXlZQ9mUItt5ZTt-IA6WGtLtUWGSaMPE1mnj6zBlUyUFozdwK5tHA7vfI0sgdt9BAbnlpVcJlAMJcsmyoV9PiWPXmL59w4doPMeBSLCh8W-JAyB9uxAjCFNB-Fg9XPKhJAP1EchBfMCnmZd_vW0GONklu-Y0Klv_mzDgGvrS08UVsu7Z67Z7KHpFMQXBq0O1Fiva4tRxwWH72xY3i0AmiHxQ-zrHlK_Rs1nKMT5gcISU-zt-X2L0GQsPPQ1SqF4YfxIBiGPdY1kaRC-3lDY_oEC8CxmH-30HD5xPjg7YLh1mdh-Idu8a_ggsDxtVxUcL9IVJaofJix11_pl_SecfPWBzGkgOU8dD8qwDB75MV-z2MY7Bok4DvFh-msWFmw9mzLPN4COec4qPj1_PUb1qAnKsamCtZxiDoEDeKzOmK8NQ1xy1Xc9ywP_w5bIcOsBO3QleisPkuDpga6l8_YlJrS-pVLd7Lbcb1lBB-3fReec0p3GZEeL4XsehCjRsTOulnUzmQ9--OErm_53Lg0SX8L6R5DfqCJu4Ho4D-MlNg2k73EQOPguDM8T1uBIemPm9Fa4s-tMZ_L3ED-S4ecCk2myEHmXD_Mn1cuQngbhyZhY5HGMe0Qc2-ROj8hyh5gTiuSI7WO1dnsP04iSzFmnRzCFlYdj_wpvYdXkBaZEKFhL6pGVbJfZzqQQN3bm9fAo0KvF7awpweTWYkXobdSUh-qENiFbPfaCJlKbYLi81K4_g0X5-mnmAUu8DATCFYD2ka6P9GDH-qvu0vzDu6L0ktOXrQzKyyYQJqR0n8zrTivuM00o7-cmyrChO4xsCc56_6FzTDbBy9DQgVVZfH61idc6rVD1jIv-e7dVfoTeTX32Cu-ZpZPEHaDCcSRSW1r73bQVwmdu3hPLKR-0TRYBy3Xj2VFctUikOqmV_0y_QZ9oeiSf1ofbEI4eaQ5ctRoWxvPiwCGOR3IlU3PjnqGqOWr49SRzZQpWl0lA1djau7LZOIZRRLUMOsauLAeMWFUvomFpm3rXy07BOhHp2efs8zJZ_Roq8seVQgAX1rrRV7Fkdkescp3QCuCV3G8OtlZgfButOIJgOhVrywAc2AWpWNdAmwLgVFcJL4wmFVwKSs5VNYdoDXAYbl2JZzul2z92hV3e2JGJBxxV2HEae3XKMVV6Tdk8ZelGxUhvsEqYumh6Iu2VytE_BbIvR0YeFKc5YkDsXX625tEXwnAa3F3h-khxW1QVKw5t2mnaYtoDj1okzIh_WvIGsQZUHpJmXWR5ZH8RMulFAdJJ-sJRA-n84JRGz_k7E3WV174kKHsaWuzNza17SNZDh5V3B77zb-Q92X7BBfKiSli5rxf0T_0zFH-fGbFpqoNHF6HcL4oaN0ZazOuL5kx7lrDkG0pjfGGmqv5XmmDY4roTv9LQ_20g6T1eGQGxCGfzPpAPxbHQULyw4EIuVI&pr=6%3A0.338060&cid=CAQSMgDICaaNhjUBy_3GYaJjm68MdskXsZ_ycriS0p9UjlxG_ByQK0gRo7q7GiPGsqPaY_dRGAE&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTIzNCZzaXRlSWQ9NzAzOTY3JmFkSWQ9Mjg4NjIzNSZrYWRzaXplaWQ9MzImdGxkSWQ9MCZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD00MDM2OTY4NjMwNjM1ODk5NDUmYWRTZXJ2ZXJJZD0yNDMmaW1waWQ9RjZERTYxNkItNEI0MC00MjI4LTg5MUMtQjEyRjM0QjMyRjAzJnBhc3NiYWNrPTA%3D_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&ds=l&xdt=0&iif=1&cor=17994456145118480000&adk=2318209152&idt=80&cac=0&dtd=3
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35104952e90077aff9742cae7bd7b87b383de61158c412dfbf9794a428ad400f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40366
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=e3644c11-0e96-496a-b7d6-7018f7762746&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&AV_GPID=/5f2063121d82c82557194737/6374f8665f2f007d23421195/www.file.io&d36=6.2.132&responsive=1&sver=4&avtoken=392554&omv=1.0.1&AV_D66=8.4.2&clsid=d5991c28-d1a5-4b14-8267-a59d67c19c8b&rando=45&AV_WIDTH=440&AV_HEIGHT=247&AV_CCPA=1---&AV_DNT=0&cb=1696430392559&wfc=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.84.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-84-96.compute-1.amazonaws.com
Software
/
Resource Hash
b667bef0065942f85dd838063d3dade9621366ec6834cea88478da2f82eee717

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 23 Sep 2023 00:53:13 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=&d36=6.2.132&apppkg=&fv=1&proto=https&d66=8.4.2&clsid=d5991c28-d1a5-4b14-8267-a59d67c19c8b&rando=45&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&e=inventory&vi=100&cb=1696430392558
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		131 KB
131 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
e19a30d7d8b2a0a2d1b061e0d63cf287ed9df54c77d521548783a0d21f37eb46

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=16220160-

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-guploader-uploadid
ADPycduPNxSqtm0zerYRpjebM0nO-7fM7fqA7gkQMSl55cdph4kAVGkaHqOoI97UnCdEzVafgbf9rd4lZlciHl7gmAgSHSzDkNEq
x-goog-storage-class
STANDARD
Content-Range
bytes 16220160-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
134097
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1696430392.dop270.fr8.t,1696430392.cds053.fr8.hn,1696430392.cds343.fr8.c
x-goog-stored-content-length
16354257
accept-ranges
bytes
tap.php
pixel.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/0aDDizipwqIvzRXYojVL6A?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OmGQusdE2oJOVWBMEJv8EUo3rfITzy.u4wwdxw--~A
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OmGQusdE2oJOVWBMEJv8EUo3rfITzy.u4wwdxw--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 04 Oct 2023 14:39:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-OmGQusdE2oJOVWBMEJv8EUo3rfITzy.u4wwdxw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHu9k60QPWX_NXGjTKuDuf4&google_cver=1
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHu9k60QPWX_NXGjTKuDuf4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHu9k60QPWX_NXGjTKuDuf4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame AF14 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-mediagrid_n-onetag_rbd_rx_smrt_n-adYouLike_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
setuid
px.ads.linkedin.com/ Frame AF14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNBUUS3F-L-G04A&gdpr=0
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNBUUS3F-L-G04A&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 719BE55BE57D4F32A922FB30E040A1F9 Ref B: ZRHEDGE1206 Ref C: 2023-10-04T14:39:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYG5PryWq0jzrondvDr9Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNBUUS3F-L-G04A&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AF14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5CVVVTM0YtTC1HMDRB&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEOd8z-B6LNG13i0ytoRwu0k&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5CVVVTM0YtTC1HMDRB&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5CVVVTM0YtTC1HMDRB&google_push=&gdpr=0
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5CVVVTM0YtTC1HMDRB&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
ecm3
s.amazon-adsystem.com/ Frame AF14
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_UMwQjDBRxiHbo_YwLO48w&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_UMwQjDBRxiHbo_YwLO48w&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_UMwQjDBRxiHbo_YwLO48w&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
20KEDK23MGNHZR37R2NB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_UMwQjDBRxiHbo_YwLO48w&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AF14
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y5Hmv_ICSSOBaga9ra6-sA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y5Hmv_ICSSOBaga9ra6-sA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y5Hmv_ICSSOBaga9ra6-sA&gdpr=0
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ED377395Q64P97YB4QRD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Y5Hmv_ICSSOBaga9ra6-sA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AF14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWEyMTJiZmMyYzQ3YzBlNGQ0Y2NiMDZmNTk2MmY5NDhjYmYzMGJlZg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWEyMTJiZmMyYzQ3YzBlNGQ0Y2NiMDZmNTk2MmY5NDhjYmYzMGJlZg&gdpr=0
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWEyMTJiZmMyYzQ3YzBlNGQ0Y2NiMDZmNTk2MmY5NDhjYmYzMGJlZg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACQbU7KOvIAABkFBugagw&expires=30&gdpr=0
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACQbU7KOvIAABkFBugagw&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACQbU7KOvIAABkFBugagw&expires=30&gdpr=0
Date
Wed, 04 Oct 2023 14:39:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame AF14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNBUUS3F-L-G04A&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNBUUS3F-L-G04A&redir=true&gdpr=0&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNBUUS3F-L-G04A&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WU5GVHNGRTJ1RUVXUDVqNl9FVXR0MVpaajFEXzBoY35B&gdpr=0&ovsid=LNBUUS3F-L-G04A&dpid=58160
53 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WU5GVHNGRTJ1RUVXUDVqNl9FVXR0MVpaajFEXzBoY35B&gdpr=0&ovsid=LNBUUS3F-L-G04A&dpid=58160
Protocol
H2
Server
23.48.23.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 04 Oct 2023 14:39:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 04 Oct 2023 14:39:53 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05WU5GVHNGRTJ1RUVXUDVqNl9FVXR0MVpaajFEXzBoY35B&gdpr=0&ovsid=LNBUUS3F-L-G04A&dpid=58160
date
Wed, 04 Oct 2023 14:39:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame AF14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNBUUS3F-L-G04A&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNBUUS3F-L-G04A&gdpr=0
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
an-x-request-uuid
1f86489d-b7c0-4367-9e6b-e11fea957633
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNBUUS3F-L-G04A&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
liveCS.php
live.primis.tech/live/ Frame AF14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNBUUS3F-L-G04A&gdpr=0
0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNBUUS3F-L-G04A&gdpr=0
Protocol
H2
Server
2600:9000:2251:f600:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
NUXin0GadsRQP0fWHFzh5yYfpWrbsKuz9qdSFCRn3LRfjqx1sOgNbQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNBUUS3F-L-G04A&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 357F 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 12:29:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame 357F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/omrhp.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:41:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame 357F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
71446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:49:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 357F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
459688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1661 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56621
content-encoding
gzip
content-length
14527
content-type
text/html
date
Wed, 04 Oct 2023 14:39:52 GMT
expires
Thu, 05 Oct 2023 06:23:33 GMT
last-modified
Wed, 06 Sep 2023 06:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 45AD 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159234&siteId=703967&adId=2886235&imprId=7CECFE55-E1EA-4C8D-8C41-61519461B548&cksum=25D148AA8FF293B6&adType=10&adServerId=243&kefact=0.309737&kaxefact=0.309737&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1696430391&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.322721&dcId=3&tldId=0&passback=0&svr=BIDAMS0155&adsver=_2043887087&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=N3kdZbBCAQB6Gnjvd8BjqsvjcsFthBjANTolpd-1sstdbYBV&ekaxefact=N3kdZcBCAQAZ5n3Ld_27xHBHDY416Ere_JnOAnNUpLwuJ9Ui&ekpbmtpfact=N3kdZc5CAQDDyPvEVjf3cyicPqCAqrYRhNvFB5g47awit1Ne&enpp=N3kdZdxCAQCvfr0QpwRyuzm_RJjbbZnaHlHJI2pDxturONxd&pfi=1&domId=16921222812304876096&dc=AMS&pubBuyId=16886&crID=464111101&lpu=interdiscount.ch&ucrid=403696863063589945&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1683864&wDspId=80&wbId=0&wrId=3958685&wAdvID=100097&wDspCampId=19432207831&isRTB=1&rtbId=5AD60249-1CE3-41B6-BB2D-2F2DD694694CB&ver=10&dateHr=2023100414&usrgen=0&usryob=0&oid=7CECFE55-E1EA-4C8D-8C41-61519461B548&cntryId=45&domain=file.io&sec=1&pAuSt=2&wops=0&sURL=file.io&BrID=5
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 04 Oct 2023 14:39:51 GMT
expires
0
pragma
no-cache
check
pixel.tapad.com/idsync/ex/receive/ Frame AF14
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNBUUS3F-L-G04A&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNBUUS3F-L-G04A&gdpr=0
95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNBUUS3F-L-G04A&gdpr=0
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 04 Oct 2023 14:39:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNBUUS3F-L-G04A&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a5d22f64-9edc-41be-a923-f3b46ae971b3&expires=30&gdpr=0
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a5d22f64-9edc-41be-a923-f3b46ae971b3&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=a5d22f64-9edc-41be-a923-f3b46ae971b3&expires=30&gdpr=0
Date
Wed, 04 Oct 2023 14:39:53 GMT
Connection
keep-alive
X-CI-RTID
6ad95340-a9d6-4167-8436-55d6b01f023c
Content-Length
155
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=6c2f42a1-1374-41df-9180-a1c84fec9c21&gdpr=0
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=6c2f42a1-1374-41df-9180-a1c84fec9c21&gdpr=0
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=6c2f42a1-1374-41df-9180-a1c84fec9c21&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1134062
content-length
0
expires
Wed, 04 Oct 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AF14
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=gXXf2Fl8XqJBI9dANIBNMMPOaYQ
Date
Wed, 04 Oct 2023 14:39:53 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.130.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-130-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:52 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B560 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 12:29:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame B560 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/omrhp.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:41:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame B560 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
71446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:49:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B560 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
459688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 90B2 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56621
content-encoding
gzip
content-length
14527
content-type
text/html
date
Wed, 04 Oct 2023 14:39:52 GMT
expires
Thu, 05 Oct 2023 06:23:33 GMT
last-modified
Wed, 06 Sep 2023 06:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 334B 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159234&siteId=703967&adId=2886235&imprId=F6DE616B-4B40-4228-891C-B12F34B32F03&cksum=91929411CD45D957&adType=10&adServerId=243&kefact=0.324174&kaxefact=0.324174&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1696430391&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.338060&dcId=3&tldId=0&passback=0&svr=BIDAMS0096&adsver=_2043887087&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=N3kdZVgQAgD1oKgaFNlYl5FXjO278iLFHDCz5hPiKOa7PltR&ekaxefact=N3kdZWkQAgDsbX0J1naWs1wndVByXSiYRt-bsk_9A8ZzeOv4&ekpbmtpfact=N3kdZXsQAgCThM8eC5Q49FjqsVPLThrM3MhyblJKgTWOD9NM&enpp=N3kdZYYQAgBeg203K2YJnVpU6vZleJwk-QROYbSuLPKqaqq9&pfi=1&domId=16921222812304876096&dc=AMS&pubBuyId=16886&crID=464111101&lpu=interdiscount.ch&ucrid=403696863063589945&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1683864&wDspId=80&wbId=3&wrId=3958685&wAdvID=100097&wDspCampId=19432207831&isRTB=1&rtbId=36489816-B44C-48EA-8661-646536659A15B&ver=10&dateHr=2023100414&usrgen=0&usryob=0&oid=F6DE616B-4B40-4228-891C-B12F34B32F03&cntryId=45&domain=file.io&sec=1&pAuSt=2&wops=0&sURL=file.io&BrID=5
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 04 Oct 2023 14:39:51 GMT
expires
0
pragma
no-cache
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 14FC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
209210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 283D 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%222b83a9c0-2745-4918-acf4-937f68f021bd%22%2c%22adomain%22%3a%22microspot.ch%22%2c%22page%22%3a%221143513%22%2c%22format%22%3a%2282113%22%2c%22crid%22%3a%22503623041%22%2c%22dsp%22%3a%2276%22%2c%22buyer%22%3a%2262057%22%2c%22cid%22%3a%2220351945701%22%2c%22adid%22%3a%22503623041%22%2c%22hash%22%3a%227495224449846664028%22%7d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Wed, 04 Oct 2023 14:39:52 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Thu, 05 Oct 2023 14:39:52 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
pixel
googleads.g.doubleclick.net/xbbe/ Frame F826 		278 B
127 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNXZGdmWfw-UtC9X-GUCVVHkyZ8I-f6_ezDgbFGQtKH5cJom1gRIzQrHNk7tWMCoMf2otKFQLa7N_i-cLUH4X10XjLqshhsIchxgjN-bFzjb0cDvBwU
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:52 GMT
expires
Wed, 04 Oct 2023 14:39:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7276 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:52 GMT
aip
itx4.smartadserver.com/h/ Frame 7276 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itx4.smartadserver.com/h/aip?uii=8798412149275991001&tmstp=6970764839&ckid=2762954008211025756&systgt=%24qc%3d1500031714%3b%24ql%3dUnknown%3b%24qt%3d73_0_0t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d7908%3b%24wpc%3d7964%3b%24wpc%3d7962%3b%24wpc%3d8004%3b%24wpc%3d8209%3b%24wpc%3d8219%3b%24wpc%3d8220%3b%24wpc%3d8221%3b%24wpc%3d8245%3b%24wpc%3d8183%3b%24wpc%3d8061%3b%24wpc%3d7992%3b%24wpc%3d7920%3b%24wpc%3d8044%3b%24wpc%3d8150%3b%24wpc%3d8063%3b%24wpc%3d8116%3b%24wpc%3d8146%3b%24wpc%3d8041%3b%24wpc%3d8141%3b%24wpc%3d8136%3b%24wpc%3d8262%3b%24wpc%3d8263%3b%24wpc%3d8264%3b%24wpc%3d8267%3b%24wpc%3d8232%3b%24wpc%3d8268%3b%24wpc%3d8271%3b%24wpc%3d8142%3b%24wpc%3d7900%3b%24wpc%3d8261%3b%24wpc%3d7983%3b%24wpc%3d8258%3b%24wpc%3d8643%3b%24wpc%3d8644%3b%24wpc%3d8646%3b%24wpc%3d8197%3b%24wpc%3d8259%3b%24wpc%3d8645%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d6170%3b%24wpc%3d6172%3b%24wpc%3d6173%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5793%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d5745%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6213%3b%24wpc%3d6214%3b%24wpc%3d6217%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d18676%3b%24wpc%3d18677%3b%24wpc%3d18684%3b%24wpc%3d18955%3b%24wpc%3d23900%3b%24wpc%3d24078%3b%24wpc%3d24079%3b%24wpc%3d24080%3b%24wpc%3d25380%3b%24wpc%3d25382%3b%24wpc%3d25388%3b%24wpc%3d29639%3b%24wpc%3d29642%3b%24wpc%3d29640%3b%24wpc%3d29641%3b%24wpc%3d29647%3b%24wpc%3d29648%3b%24wpc%3d29649%3b%24wpc%3d29650%3b%24wpc%3d29651%3b%24wpc%3d29652%3b%24wpc%3d29668%3b%24wpc%3d29669%3b%24wpc%3d29670%3b%24wpc%3d29673%3b%24wpc%3d29675%3b%24wpc%3d29677%3b%24wpc%3d29680%3b%24wpc%3d29713%3b%24wpc%3d29716%3b%24wpc%3d29826%3b%24wpc%3d30048%3b%24wpc%3d30049%3b%24wpc%3d30050%3b%24wpc%3d30051%3b%24wpc%3d30053%3b%24wpc%3d30055%3b%24wpc%3d30056%3b%24wpc%3d30054%3b%24wpc%3d30058%3b%24wpc%3d30063%3b%24wpc%3d30057%3b%24wpc%3d30060%3b%24wpc%3d30064%3b%24wpc%3d30059%3b%24wpc%3d30062%3b%24wpc%3d30061%3b%24wpc%3d30065%3b%24wpc%3d30076%3b%24wpc%3d30069%3b%24wpc%3d30071%3b%24wpc%3d30075%3b%24wpc%3d30072%3b%24wpc%3d30067%3b%24wpc%3d30070%3b%24wpc%3d30074%3b%24wpc%3d30068%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d8630%3b%24wpc%3d29823%3b%24wpc%3d29824%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d6425%3b%24wpc%3d12176%3b%24wpc%3d12196%3b%24wpc%3d12213%3b%24wpc%3d12210%3b%24wpc%3d12177%3b%24wpc%3d17962%3b%24wpc%3d12302%3b%24wpc%3d12199%3b%24wpc%3d18382%3b%24wpc%3d19086%3b%24wpc%3d21050%3b%24wpc%3d19002%3b%24wpc%3d30017%3b%24wpc%3d30018%3b%24wpc%3d21051%3b%24wpc%3d21052%3b%24wpc%3d21053%3b%24wpc%3d21054%3b%24wpc%3d21055%3b%24wpc%3d21056%3b%24wpc%3d21057%3b%24wpc%3d21058%3b%24wpc%3d21059%3b%24wpc%3d21060%3b%24wpc%3d21061%3b%24wpc%3d21088%3b%24wpc%3d21089%3b%24wpc%3d20922%3b%24wpc%3d20925%3b%24wpc%3d20948%3b%24wpc%3d20965%3b%24wpc%3d20962%3b%24wpc%3d20926%3b%24wpc%3d20932%3b%24wpc%3d20954%3b%24wpc%3d20951%3b%24wpc%3d18964%3b%24wpc%3d18971%3b%24wpc%3d18973%3b%24wpc%3d18974%3b%24wpc%3d18977%3b%24wpc%3d18981%3b%24wpc%3d18984%3b%24wpc%3d18985%3b%24wpc%3d18994%3b%24wpc%3d18997%3b%24wpc%3d19023%3b%24wpc%3d19024%3b%24wpc%3d19030%3b%24wpc%3d19033%3b%24wpc%3d19037%3b%24wpc%3d19045%3b%24wpc%3d19054%3b%24wpc%3d19060%3b%24wpc%3d19065%3b%24wpc%3d19074%3b%24wpc%3d19107%3b%24wpc%3d19119%3b%24wpc%3d19121%3b%24wpc%3d19122%3b%24wpc%3d19127%3b%24wpc%3d19128%3b%24wpc%3d19130%3b%24wpc%3d19202%3b%24wpc%3d19205%3b%24wpc%3d19658%3b%24wpc%3d20220%3b%24wpc%3d20329%3b%24wpc%3d20244%3b%24wpc%3d23073%3b%24wpc%3d30024%3b%24wpc%3d23069%3b%24wpc%3d30023%3b%24wpc%3d30022%3b%24wpc%3d21514%3b%24wpc%3d21471&acd=1696430391557&envtype=0&opid=d8dba4e5-7b04-4586-b250-9b54242e269a&opdt=1696430391557&siteid=321135&tgt=%24dt%3d1t%3b%24hc&gdpr=0&bldv=13403&visit=S&statid=1&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fwww.file.io%2fdeleted%2f&cappid=2762954008211025756&capp=0&mcrdbt=0&insid=8894466&imgid=0&pgid=1143513&fmtid=82113&isLazy=0&rtb=1&rtbnid=3490&rtbbid=2203769346639107891&rtbh=19c3be8d2e5e5982011931b3f52deb0f4f66b94b&rtblt=638320271915619835&rtbet=0&rtbptnid=76&cftgid=f2ccddea7fc0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7276 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvDdM4T-GTVRYKhAbtoJmhfW1R_TTq22nxt_U4Bqvgsk_0epwYuvVHkdLJnsrXu5CT86zmJbek6VD-WZZc6zZajg3Lh347aKtFt2IPNPaJCrihSus
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7276 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5510322065162005139&x=60&ct=76
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
action
www14.smartadserver.com/track/ Frame 2A7E 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www14.smartadserver.com/track/action?sid=1696430392448&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonrender&rtb=1&rtbbid=2203769346639107891&rtbet=0&rtblt=638320271915619835&rtbnid=3490&rtbh=19c3be8d2e5e5982011931b3f52deb0f4f66b94b&ts=1696430392448
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
transfer-encoding
chunked
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B27A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
209210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
pagead2.googlesyndication.com/bg/ Frame 14FC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
68499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14789
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 19:38:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 357F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:52 GMT
index.html
s0.2mdn.net/sadbundle/3732934259778781184/ Frame CB4B 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7062ea887ccab5ead5bd1c6068b74d65390d6b97a233068e5f5a5896ae1524b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2257
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:52 GMT
expires
Thu, 03 Oct 2024 14:39:52 GMT
last-modified
Thu, 29 Jun 2023 14:58:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 357F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3wSD7j0viDwy69FDuRU4aRSunxCI1O8XFoiM2pkLbEmzPK9tvU4gq6-9W4-FEzQAPF_JneqQGJjv_wXo6lSZwBOfAGFkh72EHseloevepLFNO0u_2OSGNtmPyks3_Bw2sEMNpZNm3kVb5nhPCsqp6pxeaHP8l5OrNE20ivu8vYIhXmVvjyh2tB0ncL0v1ZGEQshN2LdlC4jOQeByrtHHwpQcHIm90CKfJKksef8OlIBe-eK6dvqt1Vnrr503AEpbM9sgV_FQ0YMF6k4nDZ7lvnzNdfFJhmJpPPieelYcdJadX5VPdsUty_a_5ocgBL8FjtNIASADLzwTQ_YT5yMQnJF_UGarH-nLsTiYi2Fer3nK9gWvU6_q4QJY0uhc4Q24Vtx_pEwMJn8RDe5BMygNsc8lUPcXhlj2VcZGUN1EToeJ627R9FOLbk5TsVmVf7KAxPngQ0D3oHpVcYQplSjRmwYI_bmMMA8uPyRyOygUSypdIZDhNCMwF2fub588RN3zfbZj6tsas4eSqxFVUxbNdeTZ4sSGXeheRjFyOFwx1N3Voh1f1W--qMNkrg7FWF-3w07n2dC7PtU-66NJLiewB-RSyBT2vBAgmMF0g5XjTLV7E30q-cwQ0pe57sWSgOapEhSxnXUBFHA7RCqFA90hkbxoKDegMLam8NvdrO3cmGMRquskwvIBI9zv_rPNqUK95-hNXOY2m_FwOT4jI18Hc6UoNt1XJ0MDnaUuHa5nkS2IZj6kw5KkrTKYXqbjNdhocGqvvSK-jMgs0HZ7wuCInNG4v7YpJVmWlyoEsBlZb-mTTo0OR86WBAs0C3ehpROEl2T-mZ9oTlwMsLfLKmUWKTH6loLt-qQDLOrDG0urCLjxOJNCJbEwB-U-RMNoLsPIcvOnXEmOgmCqZVMiOFdW4xJXV8yyqWCmGAjSRDE_N21elSsLvn4oqvN2j1f_w_-oq4jBYWJqbwrG6jJW4mkGda4u0LR1qKyQ4fie1NRh3E_9PIGoa8YyOJ69ytd4TkDmBCSl3_fZayz_oRcBxdBF76IZfB-wzrTaIGasswBLTa5Jp6JI2gtBQVPJ_oyQJotrdP1z7f5DpZzu9JpYxmkjT_KJhVSRQRIi7n9nSWwFdzE2webzHbdl3820skmexHbxJ9F3fZzNpR76Ojy_v6ggdIM0pBfCtm7eE6kgMydAMH9-JdQklHNkHxjGAs4x1vX9FMiLcHMiEGrKlivwh5C-wbGfW0BkwMit5CvXqa5CtnPxf_4IDt2oC8qIYDltfayQx0nKgiy1dleGc6rkL8Gitr30GR8i6rajztf3PE25B8NmRI3xPnoTV&sai=AMfl-YTtCs8-5GfMhxNAZ6ItXB9g2k-8ckrI4en_8ubZ8WLUFEASkksAhlzV0iVzRznsqC3PoRMlL_gSVbnr9mvMv3kOY91NmDDszRkcCuEwLVaXKBRAS02gwTsNGQ34nEbG4NKLTSNlMEHU25_GsmBrH0Na5M8_caRwlxvVvCjcbbOrQWcSyHbvVz3Ksqx-WIJtE5IxfD_nKwen8-I4fhPHzSZdqYIOyofdrlZVXL2014LUZ_EgqoKnd545MUk&sig=Cg0ArKJSzOsdGz0lSaFtEAE&uach_m=[UACH]&pr=6:0.322721&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=131&cisv=r20231002.34195&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sync
ad.sxp.smartclip.net/ Frame F826
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEN2YaOO-hUq90ql2eL64sOI&gdpr=0&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEN2YaOO-hUq90ql2eL64sOI&gdpr=0&google_cver=1&ang_testid=1
42 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEN2YaOO-hUq90ql2eL64sOI&gdpr=0&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNXZGdmWfw-UtC9X-GUCVVHkyZ8I-f6_ezDgbFGQtKH5cJom1gRIzQrHNk7tWMCoMf2otKFQLa7N_i-cLUH4X10XjLqshhsIchxgjN-bFzjb0cDvBwU
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 04 Oct 2023 14:39:52 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEN2YaOO-hUq90ql2eL64sOI&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame F826
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEH3P9DDxkVwS-Pq0B2aa8Tg&google_cver=1&gdpr=0
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEH3P9DDxkVwS-Pq0B2aa8Tg&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCb9_-fBBiB25LwATAB&v=APEucNXZGdmWfw-UtC9X-GUCVVHkyZ8I-f6_ezDgbFGQtKH5cJom1gRIzQrHNk7tWMCoMf2otKFQLa7N_i-cLUH4X10XjLqshhsIchxgjN-bFzjb0cDvBwU
Protocol
HTTP/1.1
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:52 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 03 Oct 2023 14:39:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEH3P9DDxkVwS-Pq0B2aa8Tg&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B560 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:52 GMT
index.html
s0.2mdn.net/sadbundle/3732934259778781184/ Frame B560 		16 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ZqlLlKExLK&t=1&renderingType=2&ev=01_250
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7062ea887ccab5ead5bd1c6068b74d65390d6b97a233068e5f5a5896ae1524b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2257
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 14:58:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 14:39:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B560 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxOxcebbLklv_L9ohPyUBiMoJVMMewDzYp3XGp_MdcMDlh6SFzC7AkDkf_eKH16hXN3heKWtVa6YWRSk9Bl-B2JfLx9JmDsIZtTMCZ6wRVJ9PPP39SB8qC__G-hvl_G6X7AOX33ziV8QFfhVwo_5wYhKr7nPaokqezSM4eGHhQ8UcKrnIwe_G6hpi2oiFhGMpZW4Xpvt74M1MwnrbsTQrNRDPZSVgSyWq8i7ZKrSSFgVOpzI3TovrwOjzM3Ko2UcU1CxnC4qBqIczoFB95uC2DKVCEWbDjQ-ISLZVKfXFR-qyVPhWbH9D36ecdnhxg05vg3yokj98FFMWrMEOrSaiHVEPe_yIEp-e5qBvtf6KjQQO2wqHFzbRCi-nc_P6YQdoJKOcxSiCglja7_fUtnxQh6EBtFhMmn5l_LkBDO9CJBcLOPzll_GsLltHzHi7UDAC_rxr-mdJGze4Etwg0f0JFWpwT13qqgi1rt9DKbhDWhfC6ME_xltJ8NYcqw9MRRDSUq5IGj4ZCPMT95V4gzSqEfjDw1Rec8cENmf7PZsaDAmN8KtWhAZ-Djv9LlSpLYVvnzwE-BCzjVCQ7BI41yKtUdyw0ihcEC22saJTaV4x6HkoNLsYU6BXr8EYLA5Sb3JtyWg97WfleVoTXy8LkEiBDqABKXsKHiqMo1ScrsPxgTq9BjZ59etpuvloa6fCFUpXb87ziA1yWFB1_BEOTMNKIMTr4dZb1n6b1CJfEuqKZ0xzs78vwpJ5kSb1O1EtbPw8l39tXBFzfc-kWcKE9wRsJ0TqCT1vYiOX5YSng4xL-Cso6bIeglhjdoAfSEXzagdR0-V-I4RTGZztMRXcYo53T98uPYa78groxfIaVbtmfIdfAPcNw_vzETcjItkigX8VxO2iIfElam0g8kp-NzqrLCKrBIAyiQeyp7hVCE4TthWOD5mHVkCxZijOAglH7vyzF669zyiGG5wp0C8MeiiZnMQ0PzXO0KrabhXR8ip9FkP-BiMPu_cf3tw3aaZdPBFEopXx1-jwqi9qj5PzTgORxtlscmbKTL8Pu3Vhfgt0L_kUViiBwlJ4UIARpxIRQxIpaXtCbToJdFOcbmrUNDyXsNgRfc-RXeaTeWt2ohJlGgqdHuLOjl4l9nrTbwmPFoBQSh7yZLWRs4BfMc75yPpPgjyMJ_0LijjE97bB8U4vF11NWOtZUoWBwJ90YMh9bRMDoDA51qembtKb8gKeMnwCP25GVCb_lPiY0DgAFZjMRLDnC1V3BcjFrrm1fdVtJu1ltPf2jBuIFK7xV_aN2OpKVtUABGsAUsjb05MFXDovYB8liB8qK&sai=AMfl-YTopEn3DJim0gN_DZ8aFR7ectp68c8E1B7YlDVjRyzDkoQO0-laQvD6S55xXexfSGNC46ermaGfSHN7z476IEZF1f3iStgrf8HOc-9-ngDPB95rPz_Y5TR-aNk47_3UbwtPRl2CewucRj5guu7wEpin19xOp0bkkIzqNG8uT_mYHqzKlzXxobteaq5U-CZ43Cmq7MRlO0llDvt_EloNJ2wXdz0Wdm6F84pn5NRCPDaFl5NpQbGGdE3MIaM&sig=Cg0ArKJSzGKasv4xzHoWEAE&uach_m=[UACH]&pr=6:0.338060&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=2&dett=3&cstd=141&cisv=r20231002.55038&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7276 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1985939251745&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7276 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1985939251745&version=m202309260101&ct=76&x=60&cor=5510322065162006000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7276 		77 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwfmiuE2raet6AX3vRaU_Jt2HR5Gz4hhmmbptb00urtx8XeapQ0XzFs4Bxc4vl0NEKI9MAW0h8LTW05nMM6ay9Jr0hbM5_uhEC6tE8a9Z-EuojFz7q2UcW9ISSAFO2k03nsGo8RchjEdJVFwsIMUY3mETbkfXB7hGNyAyQGiQ9zUgnZRA&dbm_d=AKAmf-D8riQ-eXLGk_gLNKRZQeMIn3S8y7l0vV_0NrH7DWf7qwhYen0TCvJNKA7TFn9wZJ-tMEfF3lb1QEcjsYfrILtHf8P3qxr6FeAI7wSCUA8WJUP-rArJh5BChgwUQmtgf_eDOV63llgvD4YbRp5w-cwiaU14E6cG0UyjoaudINUpTpd0fglw2P6xK2-zsAxXpjJH4mLciw7FpZjM9_Jjb3V54GivkXCHKJRGfBsWlW6hMAl85EpqQCKjtxl-i-BO7-CsC6FYZ-zRjy9lgBT1Pb0HpkdbFfgyn9Xw1Ps0Zxts0BMu_kpx9LGpPUGJIOAy6JDJwyWjBMC6TN_9UYkHDWj-pMjn0-gmadImfPpvnIzX2rtjs3mvYztBNXLeEfYU3dlP-1dtawHOsdSim0QgfQ6G4p950epQRqGoMCbvdCQurKVWMukuYdjpJ6zldAg1ace6QaUej_INBxv-Y5oI1RNOPx1eHMRmi9vwDS_bgeP_so7oC0eDK8pa1DhImos97aghmo5bMXDRCnGeHpqjQBGEA7vR_KMKbE5Erlsw6WmrsmAFb8TVN8t4xG6CSpfiV6NVpipkSSVAIDzfKeL35nLjfkFbcIOAm0OI1bnA2VIlcPrFuCrb7D3L8UOdmaRzryiXsXCGChzB_EQPGvWE8xXsfKIkoudJMVQZQfvkJ5bbdjUDRkUkzzFlfYc_LQ3EOvPreZv9_39jHiJs7gWGvXYsAR3FSM-oVNRx5q2SBz8ZpGs1Q40raYWeQbjD-y2-MiqaDAC3oQY1LQJyAtDBvdkIqCtMi_T-IWc_tOYFlzGNB-LHXF-3CwQOfHT8F_19vQnWoXAdZrNYI1fjnRK7I48VWQQ5vDU-Sb9lQQ0JM7ljq9G2D1YnEv63TfJ_MZczVzTRPfAZ4Iu8m9Uq_7RzdcljqWStKwXU-HSJqk_zDIcuDWhrdQuDJVvDxbNUI_Lh-wTd9ZbcX2wQKSw9OuK-gKoUeM7DVZuEW3p1-e1aPlYZH9LZCJczyTmQcPc6oZ0gr4OD8MRoOAp83VI_c6qUO_fLmcwx0__TAD-a4zEMexTlpLy8yoDtShbiG4vubUvGPNp47p_IfpiXW_br4QWoOg5Ym0-AzxvTROJVohBcby-j4pBzin6Gxm8g_RoRwqJKrkQR7eMIV1gvh55b8Ri6W3KKAOs97q9yS2sG3DivrdQJOTZxbjAHWWV_aa6v2e6Wa3-se5IUBKTB5HhIlJUm0JlADn-7ddZ-8t8mNd-uCKmhGsXyd5ntJLXQdaYt3XXPXAQJPK70k4RiDiLFczHqib_6HtjSXnrsecKrp1T7mxilXdR1rSETSk0rTY8Zk9FODFJVSNK2s8WHpelkqR6PaZF9zcKh90iF5mh8JqbiTuPhE-sNFLvzhgJlBT-c8ZP_tCxhFlYHiOmgXsYpPdFiYfcS6C9Fa0pJ37yR9oTOOU1vLrflA0-JwU4OtRfrx8J--8QUSeIklEn_v3hUHurM04q4sQ0i3SzP5PGZLs1gUfcmbs90IPkMr2IqRE_obt4ZqdS83eWYLc8J-Kt43pOisriKgUEBNDtftSb7QUfsXiD7ry6TpyC4wQJnM2xdMIqOpWftz7qMpxHsghGT3M87HMGV6pwRlw2Wk0BbfkSNmCcb08GQOil6TDfafhl4RRmGcLurxv6GzXsRQU_LcuYJ8EGCulAmwWnZ6WmqekbejUeO8V-rIXyD8_v-Es0MoukQNH6DIDLu2eeXjiKzhFn-rUy4PMTw5dFzSMMBX__N6kAFeNptjph06kwB05zF6udzlQ2NXSTR7N9MFD1bbN1YvFrY0UPriMs6HKhohzWPrUTuOuXM3MkkVyZY0RPxXt8snuxmUOKqjyLgehs48LQ_4X1F1_CYtxf_BTZ-3BPe9LkHOhWJNd1b9Edpd_zhhyk1lZq0XUkveVYI7r42qFmE_S1qLDgV3JmDZl8TaxF3P34TU6UEtBupPPsFOM-fSgLKA3Spn-8FJl2_yRUC2HjPBzkRlEpnQyI24Yun4JlheN0r1ZwuSvraUsKJ4NOei5vgGn8DKAGN2klFjkYZs6EFIMQS4VO9kKZkBdcmzC1OVyt_Waex9qKMR1uIPsZftC7tywH19XHmCPGttF185pkczYERXEqE66c2hp52CV8VZQFeg9E_dRt3jrJze8SZBFi_hjN0TnoCESJ_NjO0Y-PEuflVTauSz-hTlZOrg7uc_4hy59sMyNitt0ZFNMX1BnJ4enTSlHBdv_Zev76MaaPQrRi2V19Q_lFwbdrxdeco-tt0ENz8kpMv53girAt4xFhpT1pGXbgaY3-4y1FUvhy-HVFdoqPLe5vy9CgD5qVoQCJET_l25uG5248JOnnVWUjAmtO_HdlWxxejlxwKC1TMRvUUz5VZJ7Txjl4wWS1e90iW_brwCdtAU8_ABpvNeYUKuSRI_CNNJdeUMs8EOp3ivN8hUTU55Y2mA98vq-sG7E50QMwrkapijTN9CZKplSKCg9QCY1OEZrLhUQTn6ZttzmAh66V1rfi7MYy7qQV6cHcL_L16ZqZz-bv8bt1syYGzr7rbWqSdMln1wx5D7S5Yhd2-K0-PA75rjGnWnCGaibEb7GTzTj9cdX-xsNwymxl_bXdWWT7N-wUAa7h41CONemk-yemXjtge9lK6m0FZnQqrbFTAzoN4hLNyUaeHMfsTwXpkFSdh8od7pCf0N_8CL0iszqS-fQhu8oNCu9aq9PR4TuNHurj5kLdmtT2YRzUDHn4VpzGSlFew38VlyKcZwoRBPOhkMvA97TDtCsklceWQYvMorQpN7wW68vY9ojkvVr-XF5GrI5_oyimSXJf9cp2L1oNLhWJiwiHqKMr-3QdPentsjVEqmVbdFGGUrrfMb0QjNQMyA4LJOthA2i-snb-iXPNgIrW5ZgI-7U__ScI1Y1fnuuGJvHWATZANLS9LqQKs6k4Rm6dO498O6LiACaTq8IaveetvY99Iilb2xnwYOAWQ4BBSj9wSscmdxlwOKvKyw1ghADvJw7hDXirw_XwyyGkpzdzQq3-o7kZ5ltu-CMqAYfpU7-hBsnbJb4Qagf4SRdWUsZSPCHeEMOFHdMHCNM7HpPsemSNYKDmq2yGlWffMJ37BQjRq5LOaIzP5SELSGb_gPjGxziE-gqx5hLAA-zzE4g4CYc2-Ftnz9Gt6uQ_QU-JHMp6U3rjr7R9QyoKF7MHa-ilEPrFeyl2nLvdi3SFIggyDu-JrXakKrRr8W5ooQ58qLVjBYnuvQm6uX40NTMa-5iQANwNkThjFNAs0G1d0oVc1HRwq17Va_JA_1PyIZkGooZxu2Opu5f0pEmGwOpMa7afEHDqMfkQg4I3gp7MxY4YqKsoobIMmaR77k48RUy7EFcSkuJwvUNDWCEwnB0b7kJl4foXpZ3YPL5Z3WDH09SuX09fa2U1M8TMXIxRJ15MtpFuGGQ7XnDpJvzeebFWtevh4HEMWjTsVe4QSDlViNVqRwbWYQmUGc0w2u5AjwDljapKMhXHrLlrg1Ubww6DiqiGNNmTgYv7b2BCSpS6W0ExRKyRIr_DGeeBIf0ObAfJwpuB61SS5oQKOs4kfvlK31-ESyJEc2FZOB06XmTMG7o-L6i-pR4WdSSssuTvj38E9wCdZG-FQuYNVVw4zlnRgSuU7gj9sbGK8HPsGRLBkK2WwDJjXV43KXD5EMmWum5fc1xtw5sRh7l7rqPdbCMaz&pr=60%3A0.09242&cid=CAQSMgDICaaN6_eyV980yuSky8yD23WU0Vexu76P98rg6co0How1ujKQFO8Q1FbLihXoKEViGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&ds=l&xdt=0&iif=1&cor=5510322065162006000&adk=454148914&idt=74&cac=0&dtd=28
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d146611ef5bdf0fa751ab732161e1f81e1001041b615993b8cfa49e921fb1b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CB4B 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 14:39:52 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame CB4B 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 08:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 08:25:03 GMT
style.css
s0.2mdn.net/sadbundle/3732934259778781184/ Frame CB4B 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58023857e618007c2eed153d50c90c290e31677b495ab330eb6480f729175557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 14:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2097
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 14:58:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 14:54:37 GMT
css2
fonts.googleapis.com/ Frame CB4B 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame CB4B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4902406/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:35:53 GMT
x-content-type-options
nosniff
age
240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2869
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:49:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 14:50:53 GMT
main.js
s0.2mdn.net/sadbundle/3732934259778781184/ Frame CB4B 		22 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3732934259778781184/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e46a8ec58514255aedae877395b5a33ecf0576eb368690b64802b1d4718627ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4157
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 14:58:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 16:26:09 GMT
fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
pagead2.googlesyndication.com/bg/ Frame B27A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
68499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14789
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 19:38:13 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1661 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57766927&p=159234&s=703967&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d7589354b0a4a50002e110c2f12661dca930e8d6f91b798a4fe9ac61418de517

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:52 GMT
content-length
1836
content-type
text/html; charset=UTF-8
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 41A5 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 14:39:52 GMT
Enabler_01_250.js
www.file.io/879366/ Frame 41A5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/879366/Enabler_01_250.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 09:08:22 GMT
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19891
x-amz-server-side-encryption
AES256
etag
W/"5005913b9dde303ae1924b0487b70267"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
1RvwFbIGS6KsazhcSA8D5oCjxfoUOo57taCduD7z6mF-cEdJEWermw==
style.css
www.file.io/deleted/ Frame 41A5 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file.io/deleted/style.css
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 09:08:22 GMT
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19891
x-amz-server-side-encryption
AES256
etag
W/"5005913b9dde303ae1924b0487b70267"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
3U8ix2_9AxNhxMFcIvRwmRymHsg7EEwcyk29wokA30aE8W6OtLCusA==
css2
fonts.googleapis.com/ Frame 41A5 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
logo.png
s0.2mdn.net/creatives/assets/4902406/ Frame 41A5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4902406/logo.png
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:35:53 GMT
x-content-type-options
nosniff
age
239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2869
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:49:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 14:50:53 GMT
main.js
www.file.io/deleted/ Frame 41A5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/deleted/main.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 09:08:22 GMT
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19891
x-amz-server-side-encryption
AES256
etag
W/"5005913b9dde303ae1924b0487b70267"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
j_xelLLlyAYDIrr6L4fMJAjvnVopJFzrs8jGRlt2Sd9nF0uzyNY7pQ==
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame 7276 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
71447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:49:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7276 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696246517909956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 14:39:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame 7276 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/omrhp.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
71883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:41:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbas8beiOO8xRyUpZlKLLKS9QkItwBvHPyzKAozpg3MlO_ly3Lae-zbkbKVllssC1vdjTZNaTRa7-mKp-8C_fUtrr7wqeTWlMIxG4Sfvv4zT-7L7mKutpPesugW7YxOYktYS3xFZwB27aND4NUsgklrc2uoCpg66irgiySSTeMT6NJZNGgKbHSXr3San23Y3OwQdINLKIiASze6pPVJa54Lbp-6HIM5eM7ih-pLKDW4u9pwqnIZQg10pswuT7lcoEDmEAuUYlky06ObLV8dz2zIf3qiScG1m_mVqergUi_t7NCR1S11f4xlr8nZ_BnczwDIYap6Rqpws_efLFBOlD9J_GuK2wFP2FDm7slgFeu0jk8ogfhUFhZ1wf_L6Vt_SFup2BaDKahhwbEW8I1uY8TqqT714U0SFtHVegCsKSiujoP4ycVUH7nYp_je_NwgsXPGcYfg_DS-hGvKrVMbNZco3UcnJkHV5wU93dvLdYNgYwzunKmdCLfuTEkxOOguZ-UPGgBgyDaHFCOiq1Z5O7F_zo79G5Fb1yhkPCFxqgBshstk6v20FsLmBLVB_ULX4AIP8aPI5wWisH3Q4GAbWSdOFnI1Lt9ITIiVGLDvGgFOdzy75B_7LBb_9RgVkXAWD5Ft81BrR93HfDaa_Ckpazx-8ybuR8DvGY1TL-QmRzMu9hDa5uhdkwTLgD1GlbPFNkBkzrJ4AkmSyVmPtp-SzUWhEYLmaB2yrQzHP61Xy-qa0-IsJS296jhsgfvKD5EAb3NkDWuLfeyON8c4FAaI9UIjM_H6mu6ii962p7U383qMBLQyACiUvM6Y9viE8Zx2yyZMF2ykY8Z8kblS7FY_4RElc782HhlvdXm0FLKaJO0EKDAm43XKVmkjHMNneZEnIDomaslcGgLmNoOxwG9jkDmSoBpZ6ido7bPdGVjlu4Xp7KL4vVT8UZ5S-WRfgQERGyHXLYzAvr02_q2DBCkpIqFuMyGO17QCtERLUWiC68Bs3an2ZhxSZlgTSbreSTj78gRBXA0qjX6PJCiWPSi3uuVBPbZKW2DDtl-lC5E4bI_99ozpxOLIMquO7k2-g27cPXONHFnnxAcY1-z2UZ0KhW_Sp1GdVfSsD0sEcWaflWXZ-SDve0xTgaeQgZYyfcY4AJcwW_MsNuuTQweTSvSxDjEvU_O3boskGaMS_FM46Cd1L0Sp8mNO5qjcymDFBVsx0dFr1hM1XLutejVhCaDpbcj3gdVD2e64zBMz3aqcdlkkq2IC0UvwtcbzqVVilQPZKBopg8EllMbpPYTvtNbHT3-qbzVqijmKbs2r_7MOko_gg&sai=AMfl-YScCIzKPdoLRMpwspq8W2Hn5nYW42EKOnH7ukO8RynKg_G-avSZ6VdXPhuDzltNCmkDKzzZXdFYykgcIJ6CmT6GnztuGr4VHkaODptY58QnbDwUHaTzvTFPg7nA2CtycMZMAmhHXxMTLLiJw5ekIybvggoXlSnUspL0hv2I01w9HESvzODkM7sTD69GcmG2BCDLglcGATYd09DLSCDfXVkuAH1cyArjTN6oANihIyy0ScmSsDWg2KL3IdI&sig=Cg0ArKJSzKy-jp-7TOOYEAE&uach_m=[UACH]&pr=60:0.09242&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20231002.41101&arae=0&ftch=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 04 Oct 2023 14:39:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7276 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
459689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
8193943097734355682
s0.2mdn.net/simgad/ Frame 7276 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8193943097734355682
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c3ed4f0a8f1b65c20077534676ae3a2ddb1c1419f68ee83795a85cd2b93427f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:06:23 GMT
x-content-type-options
nosniff
age
174810
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76989
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 06:48:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 01 Oct 2024 14:06:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=2491912848628584&bg=!-vml-bbNAAYEJRtnJCU7ADQBe5WfOILskCChqTPuHKSjTYwsrM54C72pnEiGBjBiHiEm-HOaTNxYars10NpQkxVR8Y1WAgAAAstSAAAACGgBBwoAWcgpjJZlw_BxZ8uqsSgFlhuPT8CDCWWD1-AInRfpDCVNZ6fzOzEfTU0_KCyhX4vC5mzY6MHEKCJY0LqPBHzAifzx-JqldqG8Ly6BXzsLPhtGAPi6mRvvlHK2mQKtW9jco62QmlIiq1IXUmxT72BZrpP8xlAWwzDA0tj390pz5UzzuM7mvXAKAWZEp9Y_g3WlfohSmzkkJ-b-aiaZw3RlM39pLmDPlaP6rOdEjpNAP16mQnl_4RTqE3zXgAfBjB0s-BLuwKiVbc8Q4qzrxcSfdyTmYEEyYHILkarwP-67rjn3bcNea_a1mrRxyuGjLxJc8yP3xEr9NIFgEjG7MSEKpJcO-xa8Icx2gkQ3z2s03_djhwBCwftSXIRtMt34xHvp0Dl5xfUvHcGfONDhWKa4EXvwBOf2TxuhVabGdCAjjMXPxxfpN57nfZCIms7gTcJTy8PyRb760y5mA1TdcQKkvTv5q50jGR7vdBOGkwOYZ9hHfpuKKEN5P8eJ6J1QbyLbFMiCo4cwCSUGP2_BBrY48R_soKyrX6Rws0Hk71-BnzX2fvrmnMxVsyV1Jkc72ipQt4kLBHNZXyV39gkDmSLolpaxPKXavDbfhfSuVq7kfVA7q14MtED3ASaaMMhTFIiQraT_kHjyiVHUEeRjMgIbnfoP9o6P3Str-rQ50KsyVm18damG6UfO7qM4ca6eMQW8ExGnWw6pJ-bYgs2vC_5ucLYRyV4kOYRISlwhm_ZfDStvOUvYwsflmVMZuey7SffqA2DAfSHRLm952jIYSyEHmI5PrdglJwFtgnCDqiJLTb1Ctg1SRwv3hGgOBBFSh8LTkqYFEUjjVGQOsD5SVDtViUVA3IdcsbTBKC5mT_bSCAb7o7y-svDCfJW6wB1H4pufi8vTVrZF3mEz7NjBq_pefFPgCGEc8SxvN7yivoSQ1i817fhvq8qyQHqi1Eqx9kqWOIw0iqGL4DbJV9cbt9LUYAWaW2gdsJ5ebVcfz-nr7YHCcb_HWEn069_0sc3jPdi0Ked6E34uFNrJEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame E016
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:39:52 GMT
expires
Wed, 04 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
765822
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 08A4 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=844E5247-9E5D-4BC5-A15C-1075184A440C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
52GR2BQYV3N6B4QYDCY8
Pug
simage2.pubmatic.com/AdServer/ Frame 4543
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7770374247560168041&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7770374247560168041&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
35bf6073-8191-4cee-84a3-2152d7a7d060
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7770374247560168041&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 2FBC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg
42 B
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
image2.pubmatic.com/AdServer/ Frame 1661
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODQ0RTUyNDctOUU1RC00QkM1LUExNUMtMTA3NTE4NEE0NDBD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1661
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPQ-Ka-DlLLLPhL5ATQo0-0&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPQ-Ka-DlLLLPhL5ATQo0-0&google_cver=1
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPQ-Ka-DlLLLPhL5ATQo0-0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1661 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 03 Oct 2023 14:39:53 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1661
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=227586578612158718
42 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=227586578612158718
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=227586578612158718
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1661 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 1661
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=844E5247-9E5D-4BC5-A15C-1075184A440C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y_eO6rpE2uU8BbsrCgxWJl7wGAh3aSY-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y_eO6rpE2uU8BbsrCgxWJl7wGAh3aSY-~A&gdpr=0
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y_eO6rpE2uU8BbsrCgxWJl7wGAh3aSY-~A&gdpr=0
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
googleads4.g.doubleclick.net/pcs/ Frame 7276 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbas8beiOO8xRyUpZlKLLKS9QkItwBvHPyzKAozpg3MlO_ly3Lae-zbkbKVllssC1vdjTZNaTRa7-mKp-8C_fUtrr7wqeTWlMIxG4Sfvv4zT-7L7mKutpPesugW7YxOYktYS3xFZwB27aND4NUsgklrc2uoCpg66irgiySSTeMT6NJZNGgKbHSXr3San23Y3OwQdINLKIiASze6pPVJa54Lbp-6HIM5eM7ih-pLKDW4u9pwqnIZQg10pswuT7lcoEDmEAuUYlky06ObLV8dz2zIf3qiScG1m_mVqergUi_t7NCR1S11f4xlr8nZ_BnczwDIYap6Rqpws_efLFBOlD9J_GuK2wFP2FDm7slgFeu0jk8ogfhUFhZ1wf_L6Vt_SFup2BaDKahhwbEW8I1uY8TqqT714U0SFtHVegCsKSiujoP4ycVUH7nYp_je_NwgsXPGcYfg_DS-hGvKrVMbNZco3UcnJkHV5wU93dvLdYNgYwzunKmdCLfuTEkxOOguZ-UPGgBgyDaHFCOiq1Z5O7F_zo79G5Fb1yhkPCFxqgBshstk6v20FsLmBLVB_ULX4AIP8aPI5wWisH3Q4GAbWSdOFnI1Lt9ITIiVGLDvGgFOdzy75B_7LBb_9RgVkXAWD5Ft81BrR93HfDaa_Ckpazx-8ybuR8DvGY1TL-QmRzMu9hDa5uhdkwTLgD1GlbPFNkBkzrJ4AkmSyVmPtp-SzUWhEYLmaB2yrQzHP61Xy-qa0-IsJS296jhsgfvKD5EAb3NkDWuLfeyON8c4FAaI9UIjM_H6mu6ii962p7U383qMBLQyACiUvM6Y9viE8Zx2yyZMF2ykY8Z8kblS7FY_4RElc782HhlvdXm0FLKaJO0EKDAm43XKVmkjHMNneZEnIDomaslcGgLmNoOxwG9jkDmSoBpZ6ido7bPdGVjlu4Xp7KL4vVT8UZ5S-WRfgQERGyHXLYzAvr02_q2DBCkpIqFuMyGO17QCtERLUWiC68Bs3an2ZhxSZlgTSbreSTj78gRBXA0qjX6PJCiWPSi3uuVBPbZKW2DDtl-lC5E4bI_99ozpxOLIMquO7k2-g27cPXONHFnnxAcY1-z2UZ0KhW_Sp1GdVfSsD0sEcWaflWXZ-SDve0xTgaeQgZYyfcY4AJcwW_MsNuuTQweTSvSxDjEvU_O3boskGaMS_FM46Cd1L0Sp8mNO5qjcymDFBVsx0dFr1hM1XLutejVhCaDpbcj3gdVD2e64zBMz3aqcdlkkq2IC0UvwtcbzqVVilQPZKBopg8EllMbpPYTvtNbHT3-qbzVqijmKbs2r_7MOko_gg&sai=AMfl-YScCIzKPdoLRMpwspq8W2Hn5nYW42EKOnH7ukO8RynKg_G-avSZ6VdXPhuDzltNCmkDKzzZXdFYykgcIJ6CmT6GnztuGr4VHkaODptY58QnbDwUHaTzvTFPg7nA2CtycMZMAmhHXxMTLLiJw5ekIybvggoXlSnUspL0hv2I01w9HESvzODkM7sTD69GcmG2BCDLglcGATYd09DLSCDfXVkuAH1cyArjTN6oANihIyy0ScmSsDWg2KL3IdI&sig=Cg0ArKJSzKy-jp-7TOOYEAE&uach_m=[UACH]&pr=60:0.09242&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=104&vt=11&dtpt=101&dett=2&cstd=0&cisv=r20231002.41101&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 357F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3wSD7j0viDwy69FDuRU4aRSunxCI1O8XFoiM2pkLbEmzPK9tvU4gq6-9W4-FEzQAPF_JneqQGJjv_wXo6lSZwBOfAGFkh72EHseloevepLFNO0u_2OSGNtmPyks3_Bw2sEMNpZNm3kVb5nhPCsqp6pxeaHP8l5OrNE20ivu8vYIhXmVvjyh2tB0ncL0v1ZGEQshN2LdlC4jOQeByrtHHwpQcHIm90CKfJKksef8OlIBe-eK6dvqt1Vnrr503AEpbM9sgV_FQ0YMF6k4nDZ7lvnzNdfFJhmJpPPieelYcdJadX5VPdsUty_a_5ocgBL8FjtNIASADLzwTQ_YT5yMQnJF_UGarH-nLsTiYi2Fer3nK9gWvU6_q4QJY0uhc4Q24Vtx_pEwMJn8RDe5BMygNsc8lUPcXhlj2VcZGUN1EToeJ627R9FOLbk5TsVmVf7KAxPngQ0D3oHpVcYQplSjRmwYI_bmMMA8uPyRyOygUSypdIZDhNCMwF2fub588RN3zfbZj6tsas4eSqxFVUxbNdeTZ4sSGXeheRjFyOFwx1N3Voh1f1W--qMNkrg7FWF-3w07n2dC7PtU-66NJLiewB-RSyBT2vBAgmMF0g5XjTLV7E30q-cwQ0pe57sWSgOapEhSxnXUBFHA7RCqFA90hkbxoKDegMLam8NvdrO3cmGMRquskwvIBI9zv_rPNqUK95-hNXOY2m_FwOT4jI18Hc6UoNt1XJ0MDnaUuHa5nkS2IZj6kw5KkrTKYXqbjNdhocGqvvSK-jMgs0HZ7wuCInNG4v7YpJVmWlyoEsBlZb-mTTo0OR86WBAs0C3ehpROEl2T-mZ9oTlwMsLfLKmUWKTH6loLt-qQDLOrDG0urCLjxOJNCJbEwB-U-RMNoLsPIcvOnXEmOgmCqZVMiOFdW4xJXV8yyqWCmGAjSRDE_N21elSsLvn4oqvN2j1f_w_-oq4jBYWJqbwrG6jJW4mkGda4u0LR1qKyQ4fie1NRh3E_9PIGoa8YyOJ69ytd4TkDmBCSl3_fZayz_oRcBxdBF76IZfB-wzrTaIGasswBLTa5Jp6JI2gtBQVPJ_oyQJotrdP1z7f5DpZzu9JpYxmkjT_KJhVSRQRIi7n9nSWwFdzE2webzHbdl3820skmexHbxJ9F3fZzNpR76Ojy_v6ggdIM0pBfCtm7eE6kgMydAMH9-JdQklHNkHxjGAs4x1vX9FMiLcHMiEGrKlivwh5C-wbGfW0BkwMit5CvXqa5CtnPxf_4IDt2oC8qIYDltfayQx0nKgiy1dleGc6rkL8Gitr30GR8i6rajztf3PE25B8NmRI3xPnoTV&sai=AMfl-YTtCs8-5GfMhxNAZ6ItXB9g2k-8ckrI4en_8ubZ8WLUFEASkksAhlzV0iVzRznsqC3PoRMlL_gSVbnr9mvMv3kOY91NmDDszRkcCuEwLVaXKBRAS02gwTsNGQ34nEbG4NKLTSNlMEHU25_GsmBrH0Na5M8_caRwlxvVvCjcbbOrQWcSyHbvVz3Ksqx-WIJtE5IxfD_nKwen8-I4fhPHzSZdqYIOyofdrlZVXL2014LUZ_EgqoKnd545MUk&sig=Cg0ArKJSzOsdGz0lSaFtEAE&uach_m=[UACH]&pr=6:0.322721&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=590&vt=11&dtpt=445&dett=3&cstd=131&cisv=r20231002.34195&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sync
ssbsync.smartadserver.com/api/ Frame FBF2 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT
cookiesyncendpoint
sync.aniview.com/ Frame C08F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c478328da529e2ba086a7e1c54fc1&_fw_gdpr=1&_fw_gdpr_consent=
0
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c478328da529e2ba086a7e1c54fc1&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Oct 2023 14:39:53 GMT
Expires
Wed, 04 Oct 2023 14:39:53 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=c478328da529e2ba086a7e1c54fc1&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1696430393256096-547
auto-user-sync
ads.stickyadstv.com/ Frame C4B3 		43 B
624 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:53 GMT
Expires
Wed, 04 Oct 2023 14:39:53 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1696430393331012-388
cookiesyncendpoint
sync.aniview.com/ Frame 39DB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=200&key=OPTOUT
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=200&key=OPTOUT
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 04 Oct 2023 14:39:53 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=200&key=OPTOUT
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame B09D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1696430392884-995932689369-001779-015-007148&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-0...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=3&key=GDPR
0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=3&key=GDPR
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.file.io/
age
0
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=3&key=GDPR
server
nginx
via
1.1 varnish
x-varnish
104202741
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7B2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D1%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51924
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
Thu, 05 Oct 2023 05:05:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 5ADD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D18%26key%3D%24UID
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 04 Oct 2023 14:39:53 GMT
X-Sovrn-Pod
ad_ap1sea1
sync
ups.analytics.yahoo.com/ups/58815/ Frame DEBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
0
date
Wed, 04 Oct 2023 14:39:53 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
usync.html
eus.rubiconproject.com/ Frame DF7B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Oct 2023 14:39:53 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cm
u.openx.net/w/1.0/ Frame A213 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D23%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame E4D0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D105%26pid%3D59c9148...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
0
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
server
envoy
x-envoy-upstream-service-time
1
merge
ce.lijit.com/ Frame 6C05
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D52%26key%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-35d8db48-ab35-3e70-a712-4c699231070f&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-35d8db48-ab35-3e70-a712-4c699231070f&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk2NDMwMzkyODg0LTk5NTkzMjY4OTM2OS0wMDE3NzktMDE1LTAwNzE0OCZiaWRkZXJuYW1lPTUyJmtleT11YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYyAgwgOAE=
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Wed, 04 Oct 2023 14:39:53 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-MERGE
GDPR Optout true
X-Sovrn-Pod
ad_ap4ams1

Redirect headers

cache-control
no-store
content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
0
location
https://ce.lijit.com/merge?pid=279534&3pid=ua-35d8db48-ab35-3e70-a712-4c699231070f&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk2NDMwMzkyODg0LTk5NTkzMjY4OTM2OS0wMDE3NzktMDE1LTAwNzE0OCZiaWRkZXJuYW1lPTUyJmtleT11YS0zNWQ4ZGI0OC1hYjM1LTNlNzAtYTcxMi00YzY5OTIzMTA3MGYyAgwgOAE=
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 6F11
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=55&key=7770374247560168041
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=55&key=7770374247560168041
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:53 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f2690059-c3f2-4763-9a1a-1ea12bc7d828
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=55&key=7770374247560168041
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&user_id=1696430392884-995932689369-001779-015-007148&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.148.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.148.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1696430393214&asid=641d8df98739524e9f0f45e3%2C5ff48b20d0a41e5853490d69%2C5ff87336239c6c7fd600e1b5%2C619f58d1f078ac47ae2508f5%2C5ff6ed8d06e9773265718a49%2C633ae81e14ba3a033d3a0fd6&ofpr=%2C0.49%2C0.49%2C0.49%2C0.49%2C&fpo=%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1696430393215&asid=60bdce680f40fe0656405224%2C61c0681ef38da46e66702c44%2C64b7cb10abaef1a3420adea4&ofpr=%2C1%2C4&fpo=%2C%2C&ri=1%2C1%2C1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9C1D 		222 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e600:584::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvPYxns0v-pFIE-OmRtkdua4KbHHkdb7ipJa0b0v5uEdux9dl3MaSjBVwb1KbWfYkzhGfSXZqF5mNzM_Z1r3dr7Mg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
72053
last-modified
Tue, 03 Oct 2023 06:15:56 GMT
server
UploadServer
etag
"2c451b4cea8677f667082528635b3c88"
vary
Accept-Encoding
x-goog-generation
1696313756301486
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=/QfoAQ==, md5=LEUbTOqGd/ZnCCUoY1s8iA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
72053
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:49:53 GMT
avpb7.51.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9C1D 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a3.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e600:584::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b769093a19d592ca037d008dc4c9093c775f9aabe3dd94d8c5667f4ce678fe56

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvo-euKpMY6Iezwo7CYXlnG2fPNBPkV7wThu0kxqhra15eVtMqiOKmom2SE76HJuFaUkMd7m-z8zlms_Vp4Br4k7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21046
last-modified
Tue, 03 Oct 2023 06:15:56 GMT
server
UploadServer
etag
"3b6dde462e4cb1892019a946816992f5"
vary
Accept-Encoding
x-goog-generation
1696313756327067
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=+s+rew==, md5=O23eRi5MsYkgGalGgWmS9Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21046
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:49:53 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9C1D 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e600:584::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fee3864ade0efb63463216c1d948e3f6ce4b856def993aa107faa2ba7a059969

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu2fX0QmnHL1MwDSkdf2I6JxjmeV98QcRTeSTGYhrVSeNRxO_Koex8CbiF8vLPFR2xJM81eMQMMKC1lbCVMCejl74fn8oaG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23158
last-modified
Tue, 03 Oct 2023 06:15:56 GMT
server
UploadServer
etag
"114c35862d75f7b41ded03067304982e"
vary
Accept-Encoding
x-goog-generation
1696313756318416
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=qk/urA==, md5=EUw1hi1197Qd7QMGcwSYLg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23158
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:49:53 GMT
avpb7.51.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9C1D 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a4.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e600:584::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02bc356eb76e07148556c04423a5b9fca14e665572e2b26a67ddd6e91f30f41e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsJLKjv3kienRtVzKaWLV2HU7jA_j0VDrQZPv5IsjRghDRk9p3YUFe71lE4NMf7M9_Gy1FPMd2ZpcMD_gsp0Cc9qA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21452
last-modified
Tue, 03 Oct 2023 06:15:56 GMT
server
UploadServer
etag
"260fa8412de47334473ae84c3db8cf17"
vary
Accept-Encoding
x-goog-generation
1696313756337381
x-goog-hash
crc32c=AQCUgQ==, md5=Jg+oQS3kczRHOuhMPbjPFw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21452
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
expires
Wed, 04 Oct 2023 14:49:53 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9C1D 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e600:584::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
faf6dbe465a4d62df2472ca6a0069afb413923aea09c4f2dc85093b62dbcd794

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt2UPgaD3sp7Q1uAzyZngBzT9kuY1SI1ZU3QiDcDRw_G0sKbFarGDEwYeteiS5OaBaC4jsy0o21j2ZyrOccdyhmRaSfURSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21028
last-modified
Tue, 03 Oct 2023 06:15:56 GMT
server
UploadServer
etag
"4cd04832d4e74e0cc25273c5c7f5b714"
vary
Accept-Encoding
x-goog-generation
1696313756300185
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=97thXw==, md5=TNBIMtTnTgzCUnPFx/W3FA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21028
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:49:53 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9C1D 		28 B
306 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.50.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-50-67.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
953841
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0CCE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
209211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB4B 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
659e352c4ae83f9f32e7da63ec5a7ff152b5b2590d0df35cd181c160629f1b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5725
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame DF7B 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505951a64db6a022566f5a00c860ab78c11b99e53cc8f3ac2af43c87b93d0992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 02:48:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43747
Connection
keep-alive
Content-Length
10463
Expires
Thu, 05 Oct 2023 02:49:00 GMT
fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
pagead2.googlesyndication.com/bg/ Frame 0CCE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
68500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14789
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 19:38:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14FC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGjyIOHkdZce0GfKOjuwP_qW2yA4AAAAAOAHgBAI&bg=!Hh2lHVLNAAZN1Q_XbdU7ADQBe5WfOI8FnUoLGVdRiNEeweXF9sw5JkNua_DIfpycD007AeMxQqzElUQ8kQ1dwkbOrF12AgAAAeBSAAAAB2gBB5kCy-HqPIB7LOlFGqjHJS_dWxaQ21a2qOkhqKWnbSBWIfgxUGayWPyupvfs129mxjPpvyEI21C3eM2vaeDZ5jDN0uWSW0Qddhq6-3irpSTh5H2bzpd9V7WbntoQ8w5Vi4dsGtldn1lzXbUuOx6FOFd2yrJ7PwWRe6Phuhqa8NyB9uC25BfXyj4dMoAbwZUfgKsp4KpxgaJWByqPt2Lp4kQEROqSJnsF4CemL1wiE85qcQkn3QmorjqkuM_gKZrhLltq04B691Q0FDLwAkVHgI7qfLdeims2GL9IN1GZu-AeQMWonzuQ-6FsV4NLLAZRTrFkbAKUL4n5-qwCKIgfubVas62Rqyb19W88-etWQFyTcGh7kRPlD7deZj9WPRWJNRFsURoyfFGKdHNLz5ZLdgf_RKumX1vkMIU3FqdjjB1dElevZb791VT89cIA5K5Mwui2dIqrvdvRJLZhJXS0OLqEsJKTcKVS6CTmx4VyU6EmSHwAf4XdyRp6eg1aOdtPXh6phcZWKetKLoSjcVZnwpvovO9f6X2SzI6Fm4uzYujYqUmTBiXJX4mdB6p2abeoCR8DcppmS0MyFF-s4pHdubOxCE2yjwAkZPhKNuv7Y3QjkXgRLiBW-5_7EQ-_y2hCPInob5uU5R6cJoCtr3UoaPpuHLNdHf3aKZ4ncxnnu_g7BPLtGpQgtbdAKyPZqjyF1W_3m5PlNkj9LTqIaG4imZ0RpfC6oxkycLPBTfYDJ3EVoHH4NI42bmMaLRDeor3jtzU4uGUJtHmWofJ2fN3zTvxfvPrlRtDANuaCaSq_eI08oiiFFVRhbLgjK8-2AA_Xd-op2d33ULZdbyxmMCVdOMWr18Z0FQszRRDQzQ30mLIkBuJccdsZD8LcH5OTG71faK_4qD90uSVpDK47SC1lKWEtABYd4D_i_2unTNvxPpj-xnTJf9rmGVpgbifXZRo
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB4B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 14:39:53 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9C1D 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
258be9012d3f4b956b612bf93a5bd490204f773985851f32136fd6c5fd9f7fa8

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.file.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9C1D 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1696430393421&_fw_bidfloor=0.49&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-1196509991&_fw_us_privacy=1---&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220fdd764f-f679-49c3-884c-a405bf0bb301%22%2C%22atype%22%3A1%7D%5D%7D%5D&withOMSDK=true&loc=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&playerSize=440x247&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:53 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1696430393362094-531
Expires
Wed, 04 Oct 2023 14:39:53 GMT
v1
prg.smartadserver.com/prebid/ Frame 9C1D 		910 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0e7fe9d5cc55ddae9a867d72f398da2adb4f9d9eed7ad7a03f2c2ac73610b08f

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 9C1D 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.51.0&cb=84906552333&lsavail=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 9C1D 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ Frame 9C1D 		353 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU322PTV
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
67ad3736df767da9e9f56e26b42da4db10b374c6b8d944a6a583f7683a4fec76

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 14:39:53 GMT
analytics
api.edkt.io/ 		0
128 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Edkt-Load-Id
7dd93387-0515-4318-866a-c9561bf06d97
Referer
https://www.file.io/
X-Edkt-Api-Key
64592fcd-3944-4c12-b4a7-252328e431a7
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
via
1.1 google
server
Google Frontend
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
cache-status
uncacheable
vary
Origin
access-control-max-age
86400
content-type
text/html
access-control-allow-origin
https://www.file.io
x-cloud-trace-context
46c1b25db68d482ee47b331dfbe3fb3c
access-control-allow-credentials
true
cache-id
ZRH-2b6c94ca
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
analytics
api.edkt.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-edkt-api-key,x-edkt-load-id
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-edkt-api-key,x-edkt-load-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.file.io
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-id
ZRH-2b6c94ca
cache-status
uncacheable
content-length
0
content-type
text/html
date
Wed, 04 Oct 2023 14:39:53 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
c2a1614c4f29907ca28c74117d492f8c
60003574_20230919235243136_39_42_kw_970x250_sale_bg_1.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame CB4B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230919235243136_39_42_kw_970x250_sale_bg_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be2b90cd65a5816c3b9c7e197f8a2981eb0f52866cc33be47e8d0f2c1be4ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:59:47 GMT
x-content-type-options
nosniff
age
27606
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14207
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 06:52:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 06:59:47 GMT
truncated
/ Frame CB4B 		320 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4857c3f329de57cf39a5823125b7d9a9d4cbbb290284d940f2ebfa5880282e6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CB4B 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86532733126528affb771ea7ca7b35d172d5dfc850aebaff0bfc6484cf5bea3e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CB4B 		322 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29d5354479b51a59429aceb202a9e68c5ad9050be0a43ab75bb149b9b3a3473c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
GeogrotesqueXComp.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame CB4B 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4902406/GeogrotesqueXComp.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:35:57 GMT
x-content-type-options
nosniff
age
236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19808
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:29:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 14:50:57 GMT
Geogrotesque_normal_400.woff2
s0.2mdn.net/creatives/assets/4902406/ Frame CB4B 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4902406/Geogrotesque_normal_400.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/style.css
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:35:57 GMT
x-content-type-options
nosniff
age
236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22172
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 13:29:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 14:50:57 GMT
60003574_20230912022816992_sublogo_39-42_kw_sale.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame CB4B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230912022816992_sublogo_39-42_kw_sale.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af2480826101ec09f9c56ba13cd54222179507157669af69f06014c19e9275a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 03:50:41 GMT
x-content-type-options
nosniff
age
38952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7105
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 09:28:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 03:50:41 GMT
60003574_20230920061315694_39_kw_acer_spin5.png
s0.2mdn.net/ads/richmedia/studio/60003574/ Frame CB4B 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60003574/60003574_20230920061315694_39_kw_acer_spin5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b64e19e0439536b40f9a916285f5972a9eacba4946c229e426b24daf3441f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3732934259778781184/index.html?e=69&leftOffset=0&topOffset=0&c=ileDoakjt1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:20:28 GMT
x-content-type-options
nosniff
age
33565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42429
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 13:13:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:20:28 GMT
khaos.json
token.rubiconproject.com/ Frame DF7B 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LNBUUS3F-L-G04A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame D3E0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 13:13:14 GMT
cookiesyncendpoint
sync.aniview.com/ Frame DF7B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&gdpr_consent=undefined&gdpr=0&khaos=LNBUUS3F-L-G04A
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LNBUUS3F-L-G04A&gdpr=0&gdpr_consent=undefined
0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LNBUUS3F-L-G04A&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LNBUUS3F-L-G04A&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B27A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ8cIOHkdZcbuH8TAx_APhaSsiA4AAAAAOAHgBAI&bg=!r6ylrOPNAAZN1Q_XbdU7ADQBe5WfOP2RywlOqEPEC632fEINGMadJvG7zQeNe1ZYKKEMdYp7YKRLxGrScWpoNLhMyLndAgAAAZJSAAAAB2gBBwoAvX2F-uB5_uwW4I8i97QFNEYnrFJRL8JSmNoEDDxHCeTU2WhEURruKK25WJ03nFbXbIoevQ0ShBkkQQoedupjPMpRQkSYJKlVviDRzvjxwbXauvxM3rNLRZEWM3eh9mpDRfFFKDo6ASZQwhwTpLTZJattCuMxEqhOFSprNwFCOlqT7oNcRjBR0TB_u_g2NzEWJKZAuIuxbm7fYco3lPDwRO3oaUww3Wu2LBuySYFkxXEeeeBPghdwUGAaHJj1FpkCwu2RYTG95N38sI5McXhZ4IlwoyOfKt8xT5vTyuuoTm4zwOBwTBJ4-YdTlhc3w2SS-Z1HirLYNtdUG59Un-HNyXt44BDFeToVgQBGRtR9NR7U9eASNnbGadSPHgJ9oGm5fCoGVhF3j9IZKiTOGGegO0DnvNKa2YFUXehH5JOZXfXzOcNFqvc15UALDedyxgHC9pp9wmurCaPxaHiEbu2tqCH9clXGam5cFwYaWg0NYlGBfcfVztCzRAHsRLOlSku_vZHlV2UIy9RhXl83Q1BT4oszgpVh1bySnHifyIB1_EIui3D0WqJzGGkAwG8URFrRSwJoHyEMuTHvH_VDeaOMMTOD8gGnYvsg11e9UR088WvmpAQfvALEyZDxRddy6RbaLRI7Eks-gRdwJHLz8kz-cudlhQcREJQ65uoUQCj1OCRFe4k-psAhBBZemIA4hfU5lGrF1K8eGoUne0YfFxcnxa_jHKeQuWR5EFXafRPlnVF7FKNmuK_2qyEzJyoqTptPwp978RIzUe0MNomXblvIlw2Nr8FmTU4I2if1HDrCnJLVOzAJSQ1XTloWe9BD7WQzv9_-DG-Y4YA0IECP0qFitN3xhFoKmnRFXXJxrklOXHZDgEtlOAVPzejg5I2OVrH-O8WMUGI1vwgk4DMlnCU4fLZ9y3HXsqsLJ6yoAhYSeGMiQNNgjP8xJpZn7WwODZtUposx552NjdXXOuL5u50Lh8isAOLSu55zL_QTelei-_oUHpPxD_Mqt9QQuAPXT0bWQGpLKUhsvHr5XaTqkX3IumKV_bSDVCC6bNcD0cqNYSdtJd32nnwvSsXlmDHOAxUIb09ntmr9M_kWQ7RzftsgVNlK3K2FIcnAPPJRgObWUA4-jdfPluqKidu9d_3zdjBeVvgfjUuZeVVAEKP1UuUQJ5vmcwN1VTt0fxMSiyXytuGXW2s
Requested by
Host: www.file.io
URL: https://www.file.io/deleted/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1696430393667&asid=641d8df98739524e9f0f45e3%2C619f58d1f078ac47ae2508f5%2C5ff48b20d0a41e5853490d69%2C5ff87336239c6c7fd600e1b5%2C5ff6ed8d06e9773265718a49%2C633ae81e14ba3a033d3a0fd6&ofpr=%2C0.49%2C0.49%2C0.49%2C0.49%2C&fpo=%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1696430393667&asid=64b7cb10abaef1a3420adea4&ofpr=4&fpo=&ri=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9C1D 		28 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.50.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-50-67.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
426879
v1
prg.smartadserver.com/prebid/ Frame 9C1D 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
86d79fadeb12670407bb6ee5291ec8e3eb44daf231af1e3932208dde47cf6425

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 9C1D 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9C1D 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1696430393685&_fw_bidfloor=0.49&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-1196507879&_fw_us_privacy=1---&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220fdd764f-f679-49c3-884c-a405bf0bb301%22%2C%22atype%22%3A1%7D%5D%7D%5D&withOMSDK=true&loc=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&playerSize=440x247&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:53 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1696430393645049-583
Expires
Wed, 04 Oct 2023 14:39:53 GMT
cdb
bidder.criteo.com/ Frame 9C1D 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.51.0&cb=48820245504&lsavail=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9C1D 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ce323e9fa7bc335c46aa84ed3abb5421f9b5e04fc9e0742505f9eeb111597884

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.file.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
action
www14.smartadserver.com/track/ Frame 2A7E 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www14.smartadserver.com/track/action?sid=1696430392448&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=impressionsonepx&rtb=1&rtbbid=2203769346639107891&rtbet=0&rtblt=638320271915619835&rtbnid=3490&rtbh=19c3be8d2e5e5982011931b3f52deb0f4f66b94b&ts=1696430392448
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:52 GMT
transfer-encoding
chunked
content-type
image/gif
action
www14.smartadserver.com/track/ Frame 2A7E 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www14.smartadserver.com/track/action?sid=1696430392448&pid=1143513&iid=8894466&fmtid=82113&cid=0&key=viewcount&rtb=1&rtbbid=2203769346639107891&rtbet=0&rtblt=638320271915619835&rtbnid=3490&rtbh=19c3be8d2e5e5982011931b3f52deb0f4f66b94b&ts=1696430392448
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip65.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
transfer-encoding
chunked
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CCE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bvb4FOHkdZbGlNLGVjuwP1rOCmAcAAAAAOAHgBAI&bg=!xMelx4jNAAZN1Q_XbdU7ADQBe5WfOC15EH8A6KfYIrwujANvCshF7zt3gNzn3xP1rUczl2wixQqAryNZ4aVdyKszEotRAgAAAP5SAAAABmgBB5kC5x3LWamy9D8KRQ98MOPusXZsFdU91VawR8R6j0_RRJyc5AeQfW58z2tUdTlbw8qH6ue6fLdw6HmfScaUiUlanmCiqutv38c_LjARzo7VqrJK2wlVASFLfhqKZUmEM-FqqiYx4MfzyQ-hw4PKpH4ndlh4Uzdmp1al2UbGtO4A1DeA3EPtX4XYPDAd2EJyDp7CNRNl4Woelln1T22oxqghDieyOZ2teVnNZy2B1rZeGbYz4PI7nK8L8FqHCQq7gUZ4me953RLupu1OdHSQE9VFY3g3s8QCIvkd1KQJzjsaUVzmLfIWKXEB0d5VLEl03O3VL4et4Ms5mBOuTY4dmvrycUMfg2PE__cc1COfFtW9PgDZNgDIMNn2YIQ2GnAqhhE4lipN1RVQQKWed9oSn6RggKjL8PfM-3_lQFU_Nt0E5yhDw7R-EApi8LMmHzzny8Ussu3wDxi6DXlNUqKcskFLGrF3Oe3cwPzXn9GVZiqG9h9qG6aUZXr4HKrHxmsX-mM7ugx5_EYrF8onkwSwjsIwq87ZIf_JCnHTPmkFYUGMc_E2VLd99skSthH3LxbVaF0Ggxa8Vc08HaVZPOzbUajuvfNzWEwLvXD-U4BY_H_T9nHcIeuqxSxEPeTw7Pf2M-JrYeJr7NOaBYXEJAEXATyLXNAFI3rxqaxsWHUWpCOX6itAkxw7EvlxASBxZrTiH4vs31u1gkMUuu1b4RYm_L1QeZSgldKnC9k5E41iNTeXKPEL0U_xHMBIps7SkKZFcSumxE88PoOzfzLSshGoMmc5x6Z0xBLKcjocB9Oor_JVq0rBthButg24obUAjtGBEC_wcz7kYxsuKC2PLsVZzNbTNyBSioYSRf5arWegybRvoz8WWnH9VnQJe_jAGbyoVw9R3WoBs59udgUfz6aLTWSEKWdWwMD-wXsZu1EUILuC5va4PULmRkOMvwb0lCxUfvas5B7gi-C1DRGDBwVZ39o1z93m_csDQugY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page-data.json
www.file.io/page-data/signup/ 		0
650 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
WJG57VN2E12SA4YA
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24899
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
B5GjYb3QmasV+c6oquKrdlmOgZGO9TRW/vvflSNDBV82Pyl78JYYcqFNYpqQpEe4sOKXcn0Et3I=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
IbWJ-Q2U7-GQJoKJ8EouDrfNDho-3WoRePeUZjajqCLVr_bKUUCFXQ==
page-data.json
www.file.io/page-data/index/ 		0
667 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 03:39:15 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
RQHEVWKT19XDWBSW
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
39639
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
eN1ZXUQJMn8+HSvAAz42ytdua76XhHiLkS3qlE4qj8XidoapmP6JHzYRxJxCEBavyqbHUdwAQds=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
LiWJ-PGI46f8L-A9X2RIphTIlMjnLiDNvTKrucwwoSOxr3MwRKA_2A==
page-data.json
www.file.io/page-data/plans/ 		0
654 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
FPW85W3TGS2VJYWE
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24899
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
MyBcTLj8OkyBEPgKnRRXNSquzk9IvdcSyDr8GH1dcysR/mfyNCLGVo0IxMjELOXlQ+UunKjtGwI=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
5ehdamkhKk6P7HX_HKvt2nEqaouvWZRmks52HCYw1cpib3Fomw-PjQ==
page-data.json
www.file.io/page-data/about/ 		0
660 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:42:53 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
RRJPTFVGQJH0R90F
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
25021
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
xSKKlNnFsiBuWkSksWgC38NGx3CyS7yZmT4Rv2b7stko+qo64CduNFa/uxAkP50JGOBqzQyxlOU=
last-modified
Mon, 26 Jun 2023 16:00:02 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
zIJaL3UwC87hYSyU86SM7XGyOI_GrIqBrEW9OTs8mn6pRvTS-TalPQ==
page-data.json
www.file.io/page-data/signup/ 		137 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
WJG57VN2E12SA4YA
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24899
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
B5GjYb3QmasV+c6oquKrdlmOgZGO9TRW/vvflSNDBV82Pyl78JYYcqFNYpqQpEe4sOKXcn0Et3I=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
4Erxo5ld0yOlXO7e7DoyUMn23jOUY8tzRItzxK3VbE4gdQo8ixRfiA==
page-data.json
www.file.io/page-data/index/ 		154 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 03:39:15 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
RQHEVWKT19XDWBSW
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
39639
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
eN1ZXUQJMn8+HSvAAz42ytdua76XhHiLkS3qlE4qj8XidoapmP6JHzYRxJxCEBavyqbHUdwAQds=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
CMu4VOctA9jyf4XauQ7BeAAvHhz4-swX_PBVtKAGrvyDmIG2mUbZRQ==
page-data.json
www.file.io/page-data/about/ 		147 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:42:53 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
RRJPTFVGQJH0R90F
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
25021
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
xSKKlNnFsiBuWkSksWgC38NGx3CyS7yZmT4Rv2b7stko+qo64CduNFa/uxAkP50JGOBqzQyxlOU=
last-modified
Mon, 26 Jun 2023 16:00:02 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
Uo6Um8Nc3WU453xxKuC6lhxIk04B0z6DzWgc8fcix27urjV_ufs0sA==
page-data.json
www.file.io/page-data/plans/ 		141 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
FPW85W3TGS2VJYWE
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24899
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
MyBcTLj8OkyBEPgKnRRXNSquzk9IvdcSyDr8GH1dcysR/mfyNCLGVo0IxMjELOXlQ+UunKjtGwI=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
Lyhq20n6O86phONR7ZGfLILL7y3YHonPNVTDy3zzFK2Bam0amNE-lA==
component---src-pages-signup-js-fd1b49bd14e389fae668.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-fd1b49bd14e389fae668.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 22:56:08 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
ABPJ8K8JYB5J4NEZ
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
1179826
x-cache
Hit from cloudfront
x-amz-id-2
0sWBKFx4nZ04a2W70sEKpP4/3Lpd8bB9m5k3Ui6mto//rt9GTjzXvNCa8BSI7lonjuzoJ/9Eio8=
last-modified
Mon, 26 Jun 2023 16:00:00 GMT
server
AmazonS3
etag
W/"ff348576400c36f50f410e7387c7ce32"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
N_Q71xkWtTpd1_4GSWEbgGgikzBhhZ6xLaNglhdHi2gkk5jM92_Ttg==
component---src-pages-index-js-7c9738f2f01d69461917.js
www.file.io/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-index-js-7c9738f2f01d69461917.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:19:52 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
C1B1AVXJ4V60AWNN
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6038402
x-cache
Hit from cloudfront
x-amz-id-2
zkZenSZ78IBpvbq4xmRA2IHGDyTsAhKc9ohXXAXnaLrhB9k1ElnUvlOUkhxgQGxJIk9PCQH0WMM=
last-modified
Mon, 26 Jun 2023 15:59:59 GMT
server
AmazonS3
etag
W/"deb0e4da83ab96b61be0acee8e705b59"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
8GMAwP4MurPVfh-stwsr_pcFY3xEE4vJWlfy86HyMh4M_NqeYzTl0g==
component---src-pages-plans-index-js-a1b4f4dd8917abd3cd24.js
www.file.io/ 		0
970 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-a1b4f4dd8917abd3cd24.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 01:22:01 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
2CQD366C93MDV6JT
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
7391873
x-cache
Hit from cloudfront
content-length
473
x-amz-id-2
ZXnT0fplV/RmgwTDjQ4e4XXdyayNWADpb7M3W9pfOlHM01QFwqgpwrAu11FZpyseXfbDN0TLWxQ=
last-modified
Mon, 26 Jun 2023 15:59:59 GMT
server
AmazonS3
etag
"7145b9473a208226d7636a9a75abd75c"
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Eqq7nYdC5w-I4SSGdgc3wRuk5d8ixguNQKxGICndSMo7XprGETZCqw==
component---src-pages-about-js-d5659205ab31e042f35a.js
www.file.io/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-d5659205ab31e042f35a.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:55:23 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
NTQ38BJJQK1A42A5
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6036271
x-cache
Hit from cloudfront
x-amz-id-2
/SFEq9CE5HFfHtqjI1TPVkDtF+JAySPuQ1iUdK8dSoVMRsuwSEdKk/7DgOzmyFuMI6YesYfvrZI=
last-modified
Mon, 26 Jun 2023 15:59:57 GMT
server
AmazonS3
etag
W/"427e2ebf785382e93e1575e427b3970a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Y1IBxqnTesijRNohpLWW7Bj0puyNqbmi8Ww9jmUqDJs8L9XRvciESg==
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1696430393871&asid=641d8df98739524e9f0f45e3%2C5ff48b20d0a41e5853490d69%2C5ff87336239c6c7fd600e1b5%2C619f58d1f078ac47ae2508f5%2C5ff6ed8d06e9773265718a49%2C633ae81e14ba3a033d3a0fd6&ofpr=%2C0.49%2C0.49%2C0.49%2C0.49%2C&fpo=%2C%2C%2C%2C%2C&ri=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&e=request&cb=1696430393871&asid=64b7cb10abaef1a3420adea4&ofpr=4&fpo=&ri=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 9C1D 		28 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583020&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=1&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.50.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-50-67.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
426887
cdb
bidder.criteo.com/ Frame 9C1D 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.51.0&cb=64983783549&lsavail=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9C1D 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ff8669288bfe4433f7c0eded5ebda72e7d9d13ec3e2a9f3d440548ed1a8e973d

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.0.0
Content-Type
application/json
access-control-allow-origin
https://www.file.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
translator
hbopenbid.pubmatic.com/ Frame 9C1D 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9C1D 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1696430393880&_fw_bidfloor=0.49&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-1196505962&_fw_us_privacy=1---&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220fdd764f-f679-49c3-884c-a405bf0bb301%22%2C%22atype%22%3A1%7D%5D%7D%5D&withOMSDK=true&loc=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&playerSize=440x247&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:54 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1696430393824080-377
Expires
Wed, 04 Oct 2023 14:39:54 GMT
v1
prg.smartadserver.com/prebid/ Frame 9C1D 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a3edbcf922580327075c17c9c271c4c0e7be382ce3aeb04b39f336c1c5ba63e7

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:53 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 357F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY62ibNOAU0IM_krd2ca6ISkqVPsBqbrIY9f7J8OZ0yenHbaOLqREotm32G0XHrG5gm6XieCj_3iiKoVCj_pThfzFDwS_qGU7NZpICuTQg6rs&sig=Cg0ArKJSzFFoLtVt-84CEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696430391862&rpt=1143&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ Frame 9C1D 		135 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 9C1D 		63 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3e6c6d6d94558f06d6d87ac3e06280b23ef3602176b8bf16c54eb14e2be4e9aa

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 03 Nov 2023 14:39:54 GMT
checksync.php
contextual.media.net/ Frame 86EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU322PTV&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bc0232cf395ae26672ce695f7a3b2667df263ac62eed523d98260dde320c61ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=97312
content-encoding
gzip
content-length
8026
content-type
text/html; charset=UTF-8
date
Wed, 04 Oct 2023 14:39:54 GMT
expires
Thu, 05 Oct 2023 17:41:46 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD8B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51923
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 04 Oct 2023 14:39:54 GMT
expires
Thu, 05 Oct 2023 05:05:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4044 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Oct 2023 14:39:54 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
9.gif
id5-sync.com/i/102/ 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2762954008211025756&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2762954008211025756&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.197.170.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-170-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2762954008211025756&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZR15OgAVNRlgagAN&gdpr=0&gdpr_consent=&_test=ZR15OgAVNRlgagAN
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZR15OgAVNRlgagAN&gdpr=0&gdpr_consent=&_test=ZR15OgAVNRlgagAN
Protocol
H2
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1696430394.318782,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZR15OgAVNRlgagAN&gdpr=0&gdpr_consent=&_test=ZR15OgAVNRlgagAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
p
a.audrte.com/
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Ym04ZGpjdlhBZnNReHEzMk5rLS1sRjdYdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGJtOGRqY3ZYQWZzUXhxMzJO...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=227586578612158718&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MD...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=bm8djcvXAfsQxq32Nk--lF7Xw&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=2762954008211025756&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Protocol
HTTP/1.1
Server
52.202.131.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-131-94.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 04 Oct 2023 14:39:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=148634829be78ea9fba0be8b52b4aec3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7286683455218905426&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACQbU7KOvIAABkFBugagw&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/148634829be78ea9fba0be8b52b4aec3?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-w4mtySxE2oOaawh4c1MWKHqEgtFPQKjGTMqOkwdV~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:54 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696430394529053-387
Expires
Wed, 04 Oct 2023 14:39:54 GMT
v1
match.sharethrough.com/universal/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.170.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-170-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
usync.js
eus.rubiconproject.com/ Frame 4044 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505951a64db6a022566f5a00c860ab78c11b99e53cc8f3ac2af43c87b93d0992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 02:48:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43746
Connection
keep-alive
Content-Length
10463
Expires
Thu, 05 Oct 2023 02:49:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 9C1D 		33 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
33002871c65b860e5af646b691114a429475b4b35c33538c16287f20937e7c5d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ Frame 9C1D 		276 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
fcb53e9eca28a1567402412c95c9a0f151e5b6d78f13febfc82fb35181033418
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 7276 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnJcFaFZtXzwENnLEzpIn6qJNnqLxW0U_PxftenDHsiAPOT2mQ-RF-Ify0qXE-WLKEN7tyiB2xtwsrYaQ8M870AT2GKLMosCNJaArsJ6mFcDc&sig=Cg0ArKJSzMsnFSkRgiu1EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696430392652&rpt=609&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7276 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1985939251745&version=m202309260101&ct=76&x=60&cor=5510322065162006000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 04 Oct 2023 14:39:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
339121
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
210202
expires
0
prebid
id5-sync.com/api/config/ 		135 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3e6c6d6d94558f06d6d87ac3e06280b23ef3602176b8bf16c54eb14e2be4e9aa

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 03 Nov 2023 14:39:54 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4e50f6369731d604310d1d5cc3f84a9c70b07f4267684d3a2ab33eacd81f24

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
810e2d4d19401e58-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sync
eb2.3lift.com/ Frame 474C 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:54 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B7B5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
17072
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 04 Oct 2023 14:39:54 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
173, 135868
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230039-FRA
X-Timer
S1696430394.481218,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76F7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51923
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 04 Oct 2023 14:39:54 GMT
expires
Thu, 05 Oct 2023 05:05:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 398B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51923
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 04 Oct 2023 14:39:54 GMT
expires
Thu, 05 Oct 2023 05:05:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391732&bidder=ozone
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfac3932e966c0873d6670efcbfe546f6b02d37dc79b014766b18041d1f50328

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 03 Oct 2023 10:42:33 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
810e2d4d598d23af-ZRH
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame F8E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
17072
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 04 Oct 2023 14:39:54 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
173, 135954
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230075-FRA
X-Timer
S1696430394.489385,VS0,VE0
sync
eb2.3lift.com/ Frame 6007 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:54 GMT
load-cookie.html
elb.the-ozone-project.com/static/ Frame 3109 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45c0e6bfa1fcb1ea85c217ef2b4a3207a28bf5c8191803d13d6a782798d3b66

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
810e2d4d3dc901fc-ZRH
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:54 GMT
expires
0
last-modified
Tue, 03 Oct 2023 10:42:33 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
712068.gif
idsync.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/712068.gif?partner_uid=34cc14b8-f498-4f3c-ad04-c395ffd5712a&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5108559730125016522
49 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5108559730125016522
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5108559730125016522
Date
Wed, 04 Oct 2023 14:39:54 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=4675a75b-4262-489b-9956-4e00d71e4528&google_hm=NDY3NWE3NWItNDI2Mi00ODliLTk5NTYtNGUwMGQ3MWU0NTI4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBAkxFA4qEpg03bGRfTnWDo&google_cver=1&ssp=sonobi&bsw_param=4675a75b-4262-489b-9956-4e00d71e4528
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=&gdpr_consent=&us_privacy=
49 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 04 Oct 2023 14:39:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
c.gif
c.bing.com/ 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=STMS_pd&uid=34cc14b8-f498-4f3c-ad04-c395ffd5712a&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 49719416A9084AF6BEEFD78B63375C59 Ref B: ZRHEDGE1817 Ref C: 2023-10-04T14:39:54Z
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNBUUS3F-L-G04A&gdpr=0
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNBUUS3F-L-G04A&gdpr=0
Protocol
H2
Server
18.197.170.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-170-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNBUUS3F-L-G04A&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=b8Gt1GkdkdSRthLH0q5C&pi=sonobi&tc=1
49 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=b8Gt1GkdkdSRthLH0q5C&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=b8Gt1GkdkdSRthLH0q5C&pi=sonobi&tc=1
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT, Wed, 04 Oct 2023 14:39:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=676b3b9a-287d-4a47-b04b-9602ef896cfe&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OVR1OXpJNHp4UTgyVU50S0ppZ194QQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEdbwo5GWssQpifOwc-Rub8&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=aqOaU9LBSw9J
49 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=aqOaU9LBSw9J
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=aqOaU9LBSw9J
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-b6f574bf6-f6rpt
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d5cd2d15-0a4c-4481-a3ab-bf8382769834
49 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d5cd2d15-0a4c-4481-a3ab-bf8382769834
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=d5cd2d15-0a4c-4481-a3ab-bf8382769834
Date
Wed, 04 Oct 2023 14:39:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-141
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Wed, 04 Oct 2023 14:39:54 GMT
server
Apache-Coyote/1.1
content-length
0
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=34cc14b8-f498-4f3c-ad04-c395ffd5712a&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Oct 2023 14:39:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RXBEAJ8Y00SM5TD809J6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
match.bnmla.com/ 		0
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
33002871c65b860e5af646b691114a429475b4b35c33538c16287f20937e7c5d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 357F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4147951328006&version=m202309260101&ct=76&x=6&cor=4355175450309928400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
258.json
id5-sync.com/g/v2/ 		276 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
75f30ecfa18f9624c733d7e49fbb7e7026e1ab12c7389687a4ce4222396bd7f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Wed, 04 Oct 2023 14:39:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame 3109 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
810e2d4e0935f0bf-CDG
cookie_sync
elb.the-ozone-project.com/ Frame 3109 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a60f2190e333ff5ed63be506c8112b65d287aeed5562dedf783f8f56049e38

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
810e2d4dbe6e01fc-ZRH
expires
0
cookie_sync
elb.the-ozone-project.com/ Frame 42F5 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee812c52f65ce51ad07e28649637f05e8d525c5ecfb1796b10d8b5edfdae3607

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
810e2d4e0f0e01fc-ZRH
expires
0
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame 42F5 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://www.file.io/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
810e2d4e0938f0bf-CDG
async_usersync
ib.adnxs.com/ Frame B7B5 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
an-x-request-uuid
dc5bd755-7d82-4675-be69-cf171f25e8e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F8E8 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
an-x-request-uuid
fa4d952c-a5e7-4dd5-a682-250307404e7e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B560 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9142203151122&version=m202309260101&ct=76&x=6&cor=17994456145118480000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame 3109
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
0
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d4e4f8a01fc-ZRH
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
date
Wed, 04 Oct 2023 14:39:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
www.file.io/cdn-cgi/ Frame 42F5 		500 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40911705ab9142b3dba4fb853310962c494694ac70e15dce99557475d35ea2db

Request headers

Referer
https://www.file.io/deleted/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json

Response headers

date
Wed, 04 Oct 2023 09:08:22 GMT
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 15:59:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19892
x-amz-server-side-encryption
AES256
etag
W/"5005913b9dde303ae1924b0487b70267"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
lsvoZrCGAw74Fv_yGukPHhq5VgQVB1EhhL45kVncmj2y5OJoR_3rLg==
pbs-user-sync
ads.stickyadstv.com/ Frame 5022 		322 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
322
Date
Wed, 04 Oct 2023 14:39:54 GMT
Expires
Wed, 04 Oct 2023 14:39:54 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1696430394602039-565
setuid
elb.the-ozone-project.com/ Frame 3109
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
0
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d4f79f701fc-ZRH
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
date
Wed, 04 Oct 2023 14:39:54 GMT
server
nginx
content-length
0
content-type
text/plain
generic
match.adsrvr.org/track/cmf/ Frame B3E0
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTQ4NjM0ODI5YmU3OGVhOWZiYTBiZThiNTJiNGFlYzM=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIMjqKeLm_HNEHchtldSvXM&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:54 GMT
server
Kestrel

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Oct 2023 14:39:54 GMT
Expires
Wed, 04 Oct 2023 14:39:54 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1696430394757004-556
setuid
elb.the-ozone-project.com/ Frame 82B3 		0
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
810e2d4eb84a01fc-ZRH
content-length
0
date
Wed, 04 Oct 2023 14:39:54 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dconversant%...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=368da48d5c701941&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-...
  • https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAIICO91l2DowNf_ivNAAAAAAA&expiration=1696516794
0
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAIICO91l2DowNf_ivNAAAAAAA&expiration=1696516794
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d50bc2c01fc-ZRH
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://elb.the-ozone-project.com/setuid?bidder=conversant&gdpr=0&gdpr_consent=&uid=AAAIICO91l2DowNf_ivNAAAAAAA&expiration=1696516794
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame 3109
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d51de1e01fc-ZRH
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
Date
Wed, 04 Oct 2023 14:39:55 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
151
Content-Type
text/html; charset=utf-8
PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 42F5 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.141.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-141-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
x-accel-expires
0
content-length
0
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 UTC
SPug
simage4.pubmatic.com/AdServer/ Frame 1661 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
0
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d51ee4e01fc-ZRH
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=227586578612158718
date
Wed, 04 Oct 2023 14:39:55 GMT
server
nginx
content-length
0
content-type
text/plain
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A63F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51922
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 04 Oct 2023 14:39:55 GMT
expires
Thu, 05 Oct 2023 05:05:17 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
0
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d529f6101fc-ZRH
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=8cab3cf7-eaa7-45dd-a917-dd18974a702a
Date
Wed, 04 Oct 2023 14:39:55 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
151
Content-Type
text/html; charset=utf-8
pbs-user-sync
ads.stickyadstv.com/ Frame 6778 		322 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
322
Date
Wed, 04 Oct 2023 14:39:55 GMT
Expires
Wed, 04 Oct 2023 14:39:55 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1696430395192098-503
PugMaster
image6.pubmatic.com/AdServer/ Frame A63F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33718741&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e4a97870a782fb577997ce5c52abc715ef303f1b1994283a0ad22bae3f1a1816

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:55 GMT
content-length
1924
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 08B8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286113066477353110&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286113066477353110&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 04 Oct 2023 14:39:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286113066477353110&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 1E5B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5ae7f1d1-987f-4831-af60-32b85110345f&expires=1&user_group=2&ssp=pubmatic&bsw_param=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 04 Oct 2023 14:39:55 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4675a75b-4262-489b-9956-4e00d71e4528&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 9E0E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent=
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Oct 2023 14:39:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gXXf2Fl8XqJBI9dANIBNMMPOaYQ&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 16A8 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 04 Oct 2023 14:39:55 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230122-FRA
x-timer
S1696430395.328038,VS0,VE92
Pug
simage2.pubmatic.com/AdServer/ Frame 323F
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 04 Oct 2023 14:39:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 083D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDUWJVN0tPdklBQUJrRkJ1Z2Fndw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACQbU7KOvIAABkFBugagw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACQbU7KOvIAABkFBugagw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACQbU7KOvIAABkFBugagw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2762954008211025756&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACQbU7KOvIAABkFBugagw&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACQbU7KOvIAABkFBugagw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 04 Oct 2023 14:39:55 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACQbU7KOvIAABkFBugagw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
setuid
elb.the-ozone-project.com/ Frame 8228 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=844E5247-9E5D-4BC5-A15C-1075184A440C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
810e2d52cfbf01fc-ZRH
content-length
0
date
Wed, 04 Oct 2023 14:39:55 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A63F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hE5SR55dS8WhXBB1GEpEDA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:55 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=51922
accept-ranges
bytes
content-length
5606
expires
Thu, 05 Oct 2023 05:05:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A63F
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
54.217.255.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.102
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.20.48
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame A63F
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2889393243
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2889393243
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
via
1.1 google
last-modified
Wed, 04 Oct 2023 14:39:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
via
1.1 google
last-modified
Wed, 04 Oct 2023 14:39:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2889393243
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame A63F
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=844E5247-9E5D-4BC5-A15C-1075184A440C
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
HTTP/1.1
Server
52.202.131.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-131-94.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 14:39:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 04 Oct 2023 14:39:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
844E5247-9E5D-4BC5-A15C-1075184A440C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A63F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/844E5247-9E5D-4BC5-A15C-1075184A440C?gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:de3d:8205:f74c:2062 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame A63F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7295c288-d3d4-4622-8123-8de69b5313e4-651d793b-4348&gdpr=0&gdpr_consent=
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7295c288-d3d4-4622-8123-8de69b5313e4-651d793b-4348&gdpr=0&gdpr_consent=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7295c288-d3d4-4622-8123-8de69b5313e4-651d793b-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A63F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1d02f2e232dc17f7&is_secure=true&networkId=17100&version=1&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52X2ebBtgMMg344AAAAAAA&expiration=1696516795&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&...
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52X2ebBtgMMg344AAAAAAA&expiration=1696516795&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIg52X2ebBtgMMg344AAAAAAA&expiration=1696516795&nuid=844E5247-9E5D-4BC5-A15C-1075184A440C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame A63F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3736268900511119604&gdpr=0&gdpr_consent=&us_privacy=
1 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3736268900511119604&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3736268900511119604&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 0373
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:55 GMT
server
Kestrel

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Oct 2023 14:39:55 GMT
Expires
Wed, 04 Oct 2023 14:39:55 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Pragma
no-cache
Server
nginx
x-sticky-vk
1696430395251093-588
setuid
elb.the-ozone-project.com/ Frame FBA0 		0
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
810e2d52dfd701fc-ZRH
content-length
0
date
Wed, 04 Oct 2023 14:39:55 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
v1
match.sharethrough.com/universal/ Frame 42F5 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.170.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-170-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:55 GMT
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=pbs-ozone&ox_sc=1
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=615b4c19-fb97-4387-adff-7a3c10f94177
0
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=615b4c19-fb97-4387-adff-7a3c10f94177
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d53c97501fc-ZRH
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=615b4c19-fb97-4387-adff-7a3c10f94177
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
pbsync
usermatch.targeting.unrulymedia.com/ Frame 817F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-ozone&rurl=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Wed, 04 Oct 2023 14:39:55 GMT
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=e1db7e18-621d-4993-944f-36112bb1169c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=e1db7e18-621d-4993-944f-36112bb1169c
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d54aae001fc-ZRH
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=e1db7e18-621d-4993-944f-36112bb1169c
access-control-allow-origin
*
date
Wed, 04 Oct 2023 14:39:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rum
elb.the-ozone-project.com/cdn-cgi/ Frame 3109 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=72fd7ce3-ac7c-43de-a5be-8dd2dede3a7d&publisherId=OZONEVEN0005&siteId=3500000651&cb=1696430391258&bidder=ozone
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json

Response headers

date
Wed, 04 Oct 2023 14:39:55 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://elb.the-ozone-project.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
810e2d54eb4801fc-ZRH
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?uid=AACQbU7KOvIAABkFBugagw&bidder=beeswax
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?uid=AACQbU7KOvIAABkFBugagw&bidder=beeswax
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d556c2201fc-ZRH
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?uid=AACQbU7KOvIAABkFBugagw&bidder=beeswax
Date
Wed, 04 Oct 2023 14:39:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame 42F5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d55fce401fc-ZRH
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-w2mB5EtE2uHcrnlToLaRDxaBv8AbllbLy71Mk58-~A&gdpr=0
date
Wed, 04 Oct 2023 14:39:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/usync/ Frame 62BA 		2 KB
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.file.io
URL: https://www.file.io/deleted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
7d04fe4a9717f9687244b181d8c18dc9a0fbf87b843a0bcf6de62dc8ab9b8cae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
789
content-type
text/html
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame 90B2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80983633&p=159234&s=703967&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8eead6d3339b227df3a8caad4526ff35d337b4d53d36404ba2a483d5774edec5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:55 GMT
content-length
1611
content-type
text/html; charset=UTF-8
setuid
elb.the-ozone-project.com/ Frame 62BA 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=onetag&gdpr=0&gdpr_consent=&uid=$UID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
810e2d569de201fc-ZRH
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1661 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6057713&p=159234&s=703967&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8eead6d3339b227df3a8caad4526ff35d337b4d53d36404ba2a483d5774edec5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:57 GMT
content-length
1611
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 3B37
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame 2F95 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:56 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
cm
ipac.ctnsnet.com/int/ Frame 8E2C 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 9EBC
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 04 Oct 2023 14:39:55 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 28C5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pubmatic
ad.mrtnsvr.com/sync/ Frame 8B7D 		0
0
cookiesync
core.iprom.net/ Frame 99F7 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:56 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-b3030ced4bf2@version_1.572
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 1941
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
810e2d5a6dd924c4-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
810e2d56eec924c4-ZRH
content-type
text/html
date
Wed, 04 Oct 2023 14:39:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
26
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 1893 		0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 90B2 		0
0
prebid
sync.inmobi.com/ Frame 3616 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D7B2 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75186826&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:55 GMT
content-length
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJB5247JB&gtm=45je3a20&_p=1394946623&cid=414785464.1696430390&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1696430390&sct=1&seg=0&dl=https%3A%2F%2Fwww.file.io%2Fdeleted%2F&dt=Deleted%20%7C%20file.io&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page-data.json
www.file.io/page-data/login/ 		0
645 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
WJGFDDS57JG8K43B
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24902
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
rsMkJz6QSeA2/AaWUklGQDNDN2JO05yi3anYkXeCyxbrS0f16dNUmLK/2rzGfjDElevdJK9z5G0=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
-2MDYfitABBlp5dj2v-Ppb2kyRhn9r9N-QYKdWy-tfhBIRhCxAgfmg==
page-data.json
www.file.io/page-data/developers/ 		0
675 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/deleted/
Origin
https://www.file.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
WJGDR2J19G8RHVHY
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24902
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
lg/Z58vfMUYfZjcYXALjHuzrXUCuaEK9uOjts7DvU2qvBrdGQNYocFcNEJPlwOSprAPyizux1SU=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
a93PvojntsfT_S3mhIYKYyevi2tUTojIAK-mI05aCC-YbxYQzypkCA==
page-data.json
www.file.io/page-data/developers/ 		163 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
WJGDR2J19G8RHVHY
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24902
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
lg/Z58vfMUYfZjcYXALjHuzrXUCuaEK9uOjts7DvU2qvBrdGQNYocFcNEJPlwOSprAPyizux1SU=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
t754N7WXo6_CBd5dnPef36tCjmrgBYPtli1uMmlaad9NtD-1_Pa1sA==
page-data.json
www.file.io/page-data/login/ 		135 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:44:55 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
WJGFDDS57JG8K43B
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
24902
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
rsMkJz6QSeA2/AaWUklGQDNDN2JO05yi3anYkXeCyxbrS0f16dNUmLK/2rzGfjDElevdJK9z5G0=
last-modified
Mon, 26 Jun 2023 16:00:03 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
hVa5M_JxhI2TSeihY69KonKX1IdJ-Gwibx7afz1rjNnibZmz0F8Zxg==
component---src-pages-developers-index-js-a7859f6a3a3afc3f07c9.js
www.file.io/ 		0
163 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-developers-index-js-a7859f6a3a3afc3f07c9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 01:06:58 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
07ENGSTEJ05S8X8Q
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
739980
x-cache
Hit from cloudfront
x-amz-id-2
toKv7Q38Q3Z1d98qrvsQywAQ/xNnJPcbys6IS01Q/XYkH/kiA9a1eAk1bLRcbfQHALFdGHO4l7w=
last-modified
Mon, 26 Jun 2023 15:59:58 GMT
server
AmazonS3
etag
W/"1b4fa957d78fef16878e49afd25feb5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
ymFkOy9PNPI6dUK8KXTkwIJybEg0PNo1tY4s-ykH1F6HJHhhSXVX4A==
component---src-pages-login-js-93413dd2e63f89832306.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-93413dd2e63f89832306.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.file.io/deleted/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:16:06 GMT
content-encoding
br
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-request-id
TZ1Z5M65JSHENJ33
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
age
6092632
x-cache
Hit from cloudfront
x-amz-id-2
R3fwSAFkORNpRzWdd5oFIyTF3lMbwEu4+dL50U+TgXp0c6UiOcrNZPX1xsKVxjGsJRQk1JQL2ORZDZ8Ky4E/TrhR8ix6Cf/VbXc+7v0qvL4=
last-modified
Mon, 26 Jun 2023 15:59:59 GMT
server
AmazonS3
etag
W/"0d7acf561dc45f8157c63d8060b79093"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
jMFZa3Oa0nYunUcVYS48Ese5Jn8J2COCjwG3ekP7NO1vY0jTWB0nGg==
ctrack
track1.avplayer.com/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&r=www.file.io&sn=&cd1=&cd2=&cd3=&app=&test=&cb=1696430392702
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.75.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-75-193.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Oct 2023 14:39:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame AD8B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95953537&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2e0bde5d7242be532d28ff66d0d79fa07ef97185da9ee3c8dfe5d1823fb9db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:57 GMT
content-length
1421
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 85B9 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 57C1
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=902c4555ce4360a6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=ec81b78f27a1fcadf328b5aa52c6240a&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXjWVVVjnWYUagU&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXjWVVVjnWYUagU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXjWVVVjnWYUagU&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 08B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 04 Oct 2023 14:39:57 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame B5B2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2640DB98C3844147BF9B3D3B71701BB7&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2640DB98C3844147BF9B3D3B71701BB7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 04 Oct 2023 14:39:57 GMT
expires
Tue, 03 Oct 2023 14:39:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2640DB98C3844147BF9B3D3B71701BB7&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 4EC1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8584673287
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8584673287
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:57 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 04 Oct 2023 14:39:57 GMT
etag
RXa5bc009a264f45178f25feca7a950cd5003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8584673287
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
mw
mwzeom.zeotap.com/ Frame AD8B 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=844E5247-9E5D-4BC5-A15C-1075184A440C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
810e2d5f19335b3e-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame AD8B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=844E5247-9E5D-4BC5-A15C-1075184A440C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=844E5247-9E5D-4BC5-A15C-1075184A440C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=844E5247-9E5D-4BC5-A15C-1075184A440C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:40:06 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:40:06 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=844E5247-9E5D-4BC5-A15C-1075184A440C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame AD8B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=844E5247-9E5D-4BC5-A15C-1075184A440C&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=7453aedcc22fac7c
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=81fdaa4d-3c18-4e5f-4235-33814070e891&reqId=340ddec7-793f-43fa-7181-329988ba886a&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHfRl6wahJill44kdYav0lQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=81fdaa4d-3c18-4e5f-4235-33814070e891&reqId=340ddec7-793f-43fa-7181-329...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHfRl6wahJill44kdYav0lQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=81fdaa4d-3c18-4e5f-4235-33814070e891&reqId=340ddec7-793f-43fa-7181-329988ba886a&zcluid=7453aedcc22fac7c&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
810e2d5fe9c95b3e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHfRl6wahJill44kdYav0lQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=81fdaa4d-3c18-4e5f-4235-33814070e891&reqId=340ddec7-793f-43fa-7181-329988ba886a&zcluid=7453aedcc22fac7c&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AD8B
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7770374247560168041
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7770374247560168041
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 04 Oct 2023 14:39:57 GMT
an-x-request-uuid
9d05aa56-9e8a-4062-aa8a-a6481bae4a4c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7770374247560168041
x-proxy-origin
195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A63F 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 76F7 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58151207&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:56 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 398B 		47 B
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68687814&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 04 Oct 2023 14:39:57 GMT
content-length
47
content-type
text/html; charset=UTF-8
track
track1.aniview.com/ Frame 9C1D 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.file.io&rs=www.file.io&sid=84254&t=1696430392&cip=195.206.105.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=38ec9aaf9c6c6673184c3d317ae8a5a4&d63=38ec9aaf9c6c6673184c3d317ae8a5a4&aafaid=&proto=https&uid=1696430392884-995932689369-001779-015-007148&cha=0.7&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.132&cb=8368221070&d39=&d65=&d66=8.4.2&d74=&d56=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=195.206.105.132&cd18=47.40440&cd17=8.43630&d9=1000&d37=realtime&pt=2&d66=8.4.2&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&cvid=63f7530d2bdf8c59ab0dcf13&cpid=611a1881cd22c87dcd063d22&str=viewable&cmssynd=%5B%5D&AV_WIDTH=440&AV_HEIGHT=247
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.90.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-90-67.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.file.io/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Oct 2023 14:39:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 90B2 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 8093
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 14:39:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1975632a7e0c4dada2b9356fbf50e3fc
pragma
no-cache
server
Tengine
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 1661 		0
0
bridge
cm.adgrx.com/ Frame 5E76 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
cm
ipac.ctnsnet.com/int/ Frame 4AFB 		43 B
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 04 Oct 2023 14:39:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame F85E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 04 Oct 2023 14:39:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559730125016522
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 7A72
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9192942573442099881
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pubmatic
ad.mrtnsvr.com/sync/ Frame 938C 		0
0
cookiesync
core.iprom.net/ Frame 299B 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 04 Oct 2023 14:39:58 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-2e329aab597b@version_1.572
X-core-time
0ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame E283 		43 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
810e2d63d80124c4-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 04 Oct 2023 14:39:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0407 		0
0
setuid
elb.the-ozone-project.com/ Frame D083 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=844E5247-9E5D-4BC5-A15C-1075184A440C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
810e2d65d85601fc-ZRH
content-length
0
date
Wed, 04 Oct 2023 14:39:58 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.file.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=1048576-

Response headers

date
Wed, 04 Oct 2023 14:39:59 GMT
x-guploader-uploadid
ADPycduPNxSqtm0zerYRpjebM0nO-7fM7fqA7gkQMSl55cdph4kAVGkaHqOoI97UnCdEzVafgbf9rd4lZlciHl7gmAgSHSzDkNEq
x-goog-storage-class
STANDARD
Content-Range
bytes 1048576-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
15305681
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1696430399.dop270.fr8.t,1696430399.cds053.fr8.hn,1696430399.cds343.fr8.c
x-goog-stored-content-length
16354257
accept-ranges
bytes
SPug
simage4.pubmatic.com/AdServer/ Frame AD8B 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesyncendpoint
sync.aniview.com/ Frame B34C 		0
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696430392884-995932689369-001779-015-007148&biddername=1&key=844E5247-9E5D-4BC5-A15C-1075184A440C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696430392884-995932689369-001779-015-007148%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.2.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-2-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Wed, 04 Oct 2023 14:39:59 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1661 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:39:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture function| gtag object| dataLayer string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet string| GoogleAnalyticsObject function| ga object| __VM number| gatsby_scroll_offset number| gatsby_scroll_duration object| __vm_add object| gaplugins object| gaData object| uponit object| apstag function| __tcfapi object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue object| _qevents undefined| google_measure_js_timing function| ha object| cnvr_launcher_options function| __tcfapiui function| __uspapi function| quantserve function| __qc object| ezt object| _qoptions object| hadron boolean| __halo_loaded__ object| ID5 object| __id5_instances object| PublisherCommonId object| conversant object| publink_options object| edktInitializor object| coreid object| au object| sas object| apntag object| _ADAGIO number| google_unique_id object| aniviewRenderer object| GoogleGcLKhOms object| aniplayerPos object| webpackChunk_aniview_player object| avContentPlayer object| VM_API object| googDdmPs object| storageAni object| google_image_requests object| freewheelssp_cache

178 Cookies

Domain/Path Name / Value
cdn.edkt.io/check Name: 3pc
Value: 1
.file.io/ Name: _ga
Value: GA1.2.414785464.1696430390
.file.io/ Name: _gid
Value: GA1.2.731026119.1696430390
.file.io/ Name: _gat_gtag_UA_65658019_1
Value: 1
.quantserve.com/ Name: mc
Value: 651d7936-a9be4-038c1-b5024
.file.io/ Name: __qca
Value: P0-1805948172-1696430390536
.script.ac/ Name: __cf_bm
Value: 4lIqRyISCdMipTfzu5fXIdgA8c0Z6xwIk67REknq4dE-1696430390-0-AQwL3uBLKxnCrKBq6u6KKKn0Kxqqke0846p0VF+KGDOBBHzKiPJXW/BR8Iyu196YMncmVvHTeCjdQZhpa5T7hhI=
.adnxs.com/ Name: uuid2
Value: 7770374247560168041
.omnitagjs.com/ Name: ayl_visitor
Value: 37f3182e36c7a31e16455edc85f8b3d6
.sharethrough.com/ Name: stx_user_id
Value: f39ac6b0-61ae-454a-b73b-8b7e794d22eb
.go.sonobi.com/ Name: __uis
Value: 676b3b9a-287d-4a47-b04b-9602ef896cfe
.go.sonobi.com/ Name: _usd_file.io
Value: 49e58219-9fdd-4497-98a7-ded6773958df
.go.sonobi.com/ Name: __uih
Value: 1
.the-ozone-project.com/ Name: __cf_bm
Value: 0h75q4Hw9rkGdEamV.CJ8Uzwk7fD3CNbrnu.48iO3yE-1696430391-0-ASmotcq9xtPPFWA9oiQnJLkM2l/qrAXNFle6BP1IXnuh+2fvpEfT5KJ8Dajwf/C2mzkW9qoKhNXMlKeATRUB/Ko=
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 2762954008211025756
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0&c=1&l=635210033&lo=90626159&lt=638320271911237699&o=1
.adnxs.com/ Name: icu
Value: ChkInZeIARAKGAIgAigCMLfy9agGOAJAAkgCELfy9agGGAE.
.amazon-adsystem.com/ Name: ad-id
Value: A_SXbWsdPkbEjq5TD4pCz4Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.360yield.com/ Name: tuuid
Value: e1db7e18-621d-4993-944f-36112bb1169c
.360yield.com/ Name: tuuid_lu
Value: 1696430391
.3lift.com/ Name: tluid
Value: 4419242845649292636937
.bidswitch.net/ Name: tuuid
Value: 4675a75b-4262-489b-9956-4e00d71e4528
.bidswitch.net/ Name: c
Value: 1696430391
.bidswitch.net/ Name: tuuid_lu
Value: 1696430391
.doubleclick.net/ Name: IDE
Value: AHWqTUlHvM_xmI3oFAEO7EKBx6O4FUw9b63DqCbdzcBN5PhMGr4LV5y1E5ZbyeES
.turn.com/ Name: uid
Value: 3736268900511119604
.rubiconproject.com/ Name: khaos
Value: LNBUUS3F-L-G04A
.file.io/ Name: _ga_KDJB5247JB
Value: GS1.1.1696430390.1.0.1696430392.58.0.0
.file.io/ Name: __gads
Value: ID=bb1ddc10220c2d2a:T=1696430391:RT=1696430391:S=ALNI_MYYnGibbS8KwTcwgtv6xciGduLyzA
.file.io/ Name: __gpi
Value: UID=00000c8df44185df:T=1696430391:RT=1696430391:S=ALNI_MbTxKiLICAofUiO2B97HI8B4DQ7SA
.doubleclick.net/ Name: APC
Value: AfxxVi5udoZUB8RCyTi4ZWuERcYu7Pgz-GNVS4IVeh4lHvOyEsuALw
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003%22%7D
ads.smartstream.tv/ Name: DID
Value: acaa4a2dd248a4f1d618b926cb5d9c51
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
cm.adsafety.net/ Name: UID
Value: CM1202310041466075c2fae167f254b3
.adsafety.net/ Name: cm_uid
Value: CM1202310041466075c2fae167f254b3
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvbEE0QklydWdPL1hJNmluVE1KcEJSYzdOcmxKaStqSitkZG5zREd4VkVhMEEvQkU1VmlzRlRPMnAzOGhCY0YyQ2ZLUXRrSlBTUzQ2SmlGMFJqZW4vZDd1enl3aTdFUWE4bFYwSlZhZGJPQ2FoM3JkK2xOSWhUcWt4S3A2R0ttby9SUU9BakxJejZ4dko4Z1B6VXRTZlJqNVFDK1daWm5TbXhxQlc1dVgvamdLT1JPcS90SnBadDJTTWl1eEJOSzY0bTZZOTdPWnlnSG94TUc1SThXd090NTJQVndhQWFUL3pqdGdWKzNGZldYdmtVOHROZTlSSXJET2VMUjFFTmYvemNXUkMyRUFKQjZOOGlVbHFxblVyeWpxRVZvOEFPenVOb21FTGgxRWpyZzBrbmpUdkZGSFR2bHZWQVJiRzVKVWRnPT0%3D
.yahoo.com/ Name: A3
Value: d=AQABBDh5HWUCEBjJ0EZGiShwGfVs0LNcYmAFEgEBAQHKHmUnZbtj0CMA_eMAAA&S=AQAAAsPTzZgV4-nKpRtfGg6mihA
.adnxs.com/ Name: anj
Value: dTM7k!M40DF7/.XF']wIg2In2fr7oM!]tbP6j2F-.aDyjByG0>mtJ'q4h6p?>#Qsjm<%x.D+t4O2*h-fQEVk`!)wV[?C0`x
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxOQlVVUzNGLUwtRzA0QSIsImV4cGlyZXMiOiIyMDI0LTAxLTAyVDE0OjM5OjUyWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTA0VDE0OjM5OjUyWiJ9
.linkedin.com/ Name: bcookie
Value: "v=2&21a5019d-d9fb-4649-856f-5f56129e08eb"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTY0MzAzOTI7MjswMjHnkM0Db67Sd8Ylk4H/3VWBA/kRlionnhUcreSPg6Yb4w==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2595:u=1:x=1:i=1696430392:t=1696516792:v=2:sig=AQHFLiRaVj17oE8Qts9U8YL2QcgC6cG0"
.tapad.com/ Name: TapAd_TS
Value: 1696430392843
.tapad.com/ Name: TapAd_DID
Value: 0aef8822-d243-40ff-bb92-44366b1d680f
.bidr.io/ Name: bito
Value: AACQbU7KOvIAABkFBugagw
.bidr.io/ Name: bitoIsSecure
Value: ok
.primis.tech/ Name: csuuid
Value: 651d7938d6fe6
.sxp.smartclip.net/ Name: uuid
Value: 3ec20948-3879-1d65-2c6b-918bbe274f18
.criteo.com/ Name: uid
Value: 6c2f42a1-1374-41df-9180-a1c84fec9c21
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 844E5247-9E5D-4BC5-A15C-1075184A440C
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESEN2YaOO-hUq90ql2eL64sOI
.sxp.smartclip.net/ Name: psyn
Value: 19634.10
.quantserve.com/ Name: d
Value: EOcBCwGNKvijAA
.aniview.com/ Name: aniC
Value: 1696430392884-995932689369-001779-015-007148
.hb.yahoo.net/ Name: data-mag
Value: LNBUUS3F-L-G04A~~63
.simpli.fi/ Name: suid
Value: 2640DB98C3844147BF9B3D3B71701BB7
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg&KRTB&19420-yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg&KRTB&22979-yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg&KRTB&23403-yit9kssnf8DRf3WUmSphxs8mL8fRfHnGzioRLONg
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPQ-Ka-DlLLLPhL5ATQo0-0&KRTB&23025-CAESEPQ-Ka-DlLLLPhL5ATQo0-0&KRTB&23386-CAESEPQ-Ka-DlLLLPhL5ATQo0-0
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7770374247560168041&KRTB&23339-7770374247560168041
.ipredictive.com/ Name: cu
Value: a5d22f64-9edc-41be-a923-f3b46ae971b3|1696430393239
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8175dfd8-597c-5ea2-4123-d74034804d30.YODzG1UmVFgArJtpijNWRI9XiE3qSnw4i%2FLl8aCCX8Q
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8175dfd8-597c-5ea2-4123-d74034804d30.YODzG1UmVFgArJtpijNWRI9XiE3qSnw4i%2FLl8aCCX8Q
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgXXf2Fl8XqJBI9dANIBNMMPOaYQ.L3HX%2F%2Fu12ViW9%2F63LBD5J8CtWl3JClp1G5WT%2FBP3Mfw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgXXf2Fl8XqJBI9dANIBNMMPOaYQ.L3HX%2F%2Fu12ViW9%2F63LBD5J8CtWl3JClp1G5WT%2FBP3Mfw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHYRzuOX53P1rTccFBQy3a5PfTwDF8Zo8LRJc1iM9c1mEHwYBCC58vWoBjABOgRLGKL4QgS0qZXm.X%2FWwTHy9ffpSUkLVLXZn55InwaHcGX8Gox%2BGSifiqes
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHYRzuOX53P1rTccFBQy3a5PfTwDF8Zo8LRJc1iM9c1mEHwYBCC58vWoBjABOgRLGKL4QgS0qZXm.X%2FWwTHy9ffpSUkLVLXZn55InwaHcGX8Gox%2BGSifiqes
.ads.stickyadstv.com/ Name: UID
Value: 148634829be78ea9fba0be8b52b4aec3
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.adform.net/ Name: uid
Value: 227586578612158718
www.file.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.file.io/ Name: _pubcid
Value: 0fdd764f-f679-49c3-884c-a405bf0bb301
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-227586578612158718&KRTB&23263-227586578612158718&KRTB&23481-227586578612158718
.smartadserver.com/ Name: vs
Value: 321135=5657199&391280=5657199
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-35d8db48-ab35-3e70-a712-4c699231070f
.aniview.com/ Name: 1_C_55
Value: 7770374247560168041
sync.aniview.com/ Name: 1_C_55
Value: 7770374247560168041
.aniview.com/ Name: 1_C_9
Value: c478328da529e2ba086a7e1c54fc1
sync.aniview.com/ Name: 1_C_9
Value: c478328da529e2ba086a7e1c54fc1
.aniview.com/ Name: 1_C_3
Value: GDPR
sync.aniview.com/ Name: 1_C_3
Value: GDPR
.aniview.com/ Name: 1_C_105
Value:
sync.aniview.com/ Name: 1_C_105
Value:
.aniview.com/ Name: 1_C_5
Value: LNBUUS3F-L-G04A
sync.aniview.com/ Name: 1_C_5
Value: LNBUUS3F-L-G04A
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZR15OgAVNRlgagAN
.fwmrm.net/ Name: _uid
Value: umv1b41_7286683455218905426
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv1b41_7286683455218905426
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv1b41_7286683455218905426
www.file.io/ Name: _lr_retry_request
Value: true
www.file.io/ Name: _lr_env_src_ats
Value: false
.rubiconproject.com/ Name: audit
Value: 1|+JywBypJjRheFMXq3/Yv9wfyVNOJ77gZ+6pzDGKLgL2TGDRQ1IKx87wkL/b4UIJv+9Hxie0wsPsiZ07GJqnMnrT0MEv0F07O2IYsqV9mFR3dTza3m1n+GKZr5ZVxLWDe
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AACQbU7KOvIAABkFBugagw
.bing.com/ Name: MUID
Value: 2F4D60D66A2960EC230573766B726119
.c.bing.com/ Name: MR
Value: 0
.contextweb.com/ Name: V
Value: aqOaU9LBSw9J
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1c0837f1ce7eeef0
.creativecdn.com/ Name: u
Value: b8Gt1GkdkdSRthLH0q5C
.creativecdn.com/ Name: ts
Value: 1696430394
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjA0MjUwNDM1MhLiM9TNMvUpcQlzMkoscQkHANKNgnclAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjA0MjUwNDM1MhLiM9TNMvUpcQlzMkoscQkHANKNgnclAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2eae:19e0~2eae:18z8~2eae:19bl~2eae"
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-w4mtySxE2oOaawh4c1MWKHqEgtFPQKjGTMqOkwdV~A
.the-ozone-project.com/ Name: ozone_uid
Value: 2WIqMZJlXb8MiWgpToovn3SFiFh
.audrte.com/ Name: arcki2
Value: bm8djcvXAfsQxq32Nk--lF7Xw!20220908!1696430394565!ip#195.206.105.132
.mfadsrvr.com/ Name: tuuid
Value: d5cd2d15-0a4c-4481-a3ab-bf8382769834
.mfadsrvr.com/ Name: c
Value: 1696430394
.mfadsrvr.com/ Name: tuuid_lu
Value: 1696430394
.mfadsrvr.com/ Name: ssh
Value: !sonobi,1696430394
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEIMjqKeLm_HNEHchtldSvXM
.audrte.com/ Name: arcki2_ddp2
Value: bm8djcvXAfsQxq32Nk--lF7Xw!20220908!1696430394721
.go.sonobi.com/ Name: __uir_bw
Value: 102630794772389418
.go.sonobi.com/ Name: __uin_bw
Value: 4675a75b-4262-489b-9956-4e00d71e4528
.go.sonobi.com/ Name: HAPLB8G
Value: s85141|ZR15P
.go.sonobi.com/ Name: __uir_pp
Value: 102630794772389418
.go.sonobi.com/ Name: __uin_pp
Value: aqOaU9LBSw9J
.go.sonobi.com/ Name: __uir_zt
Value: 102630794772389418
.go.sonobi.com/ Name: __uin_zt
Value: 5108559730125016522
.go.sonobi.com/ Name: __uir_rh
Value: 102630794772389418
.go.sonobi.com/ Name: __uin_rh
Value: b8Gt1GkdkdSRthLH0q5C
.audrte.com/ Name: arcki2_adform
Value: 227586578612158718!20220908!1696430394896
ads.avct.cloud/ Name: uuid
Value: 8cab3cf7-eaa7-45dd-a917-dd18974a702a
.audrte.com/ Name: arcki2_smart
Value: 2762954008211025756!20220908!1696430395061
.kargo.com/ Name: ktcid
Value: deb3047d-024e-00e0-578b-8d5ef61ad8da
.dotomi.com/ Name: DotomiTest
Value: 1d02f2e232dc17f7
.adfarm1.adition.com/ Name: UserID1
Value: 7286113066477353110
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3736268900511119604&KRTB&23150-3736268900511119604&KRTB&23527-3736268900511119604
.weborama.fr/ Name: AFFICHE_W
Value: Jy6lQFzPpLkn90
.sitescout.com/ Name: ssi
Value: 7295c288-d3d4-4622-8123-8de69b5313e4#1696430395410
.csync.loopme.me/ Name: viewer_token
Value: 6a7e41bb-8c8f-4981-b29d-50c2fba5af4d
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIg52X2ebBtgMMg344AAAAAAA&KRTB&22713-AAAIg52X2ebBtgMMg344AAAAAAA&KRTB&22715-AAAIg52X2ebBtgMMg344AAAAAAA&KRTB&23519-AAAIg52X2ebBtgMMg344AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7286113066477353110&KRTB&23369-7286113066477353110
.nrich.ai/ Name: _nauid
Value: 5ae7f1d1-987f-4831-af60-32b85110345f
.openx.net/ Name: i
Value: 8b29fc8f-eb8f-4f99-9ca5-72c1f585b007%7C1696430395
.audrte.com/ Name: arcki2_pubmatic
Value: 844E5247-9E5D-4BC5-A15C-1075184A440C!20220908!1696430395385
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NjQzMDM5NTQ0MH0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-gXXf2Fl8XqJBI9dANIBNMMPOaYQ&KRTB&23334-gXXf2Fl8XqJBI9dANIBNMMPOaYQ&KRTB&23417-gXXf2Fl8XqJBI9dANIBNMMPOaYQ&KRTB&23426-gXXf2Fl8XqJBI9dANIBNMMPOaYQ
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1n89|4is.0.CAESEEdbwo5GWssQpifOwc-Rub8|7LJ.0.676b3b9a-287d-4a47-b04b-9602ef896cfe|7dN.0.AACQbU7KOvIAABkFBugagw
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-7295c288-d3d4-4622-8123-8de69b5313e4-651d793b-4348&KRTB&23418-7295c288-d3d4-4622-8123-8de69b5313e4-651d793b-4348
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4675a75b-4262-489b-9956-4e00d71e4528
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: ec81b78f27a1fcadf328b5aa52c6240a
.smartadserver.com/ Name: csync
Value: 94:ZR15OgAVNRlgagAN|127:AACQbU7KOvIAABkFBugagw|139:0|141:bm8djcvXAfsQxq32Nk--lF7Xw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACQbU7KOvIAABkFBugagw
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559730125016522
.adx.opera.com/ Name: UID
Value: OPU1975632a7e0c4dada2b9356fbf50e3fc
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU1975632a7e0c4dada2b9356fbf50e3fc&KRTB&23485-OPU1975632a7e0c4dada2b9356fbf50e3fc&KRTB&23524-OPU1975632a7e0c4dada2b9356fbf50e3fc
.de17a.com/ Name: guid
Value: 1.9192942573442099881
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9192942573442099881
.pubmatic.com/ Name: DPSync3
Value: 1697587200%3A245_241_235_227_226_219_197_201
ads.playground.xyz/ Name: connect.sid
Value: s%3ApKMbZii7Y_cdnmJ7osWS4VLlGNdfXzNA.RKp1MmOtol%2BXKVS1nssjUOsyO5sFfFfNFMOQRA085Nc
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a5bc009a-264f-4517-8f25-feca7a950cd5-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: done_redirects219
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1696430397
.zeotap.com/ Name: zc
Value: 81fdaa4d-3c18-4e5f-4235-33814070e891
.zeotap.com/ Name: zsc
Value: %1Fy%0ET%D4Y%10t%F4%11%0D%D0%87S%0An%FC%A2%5EQt%AD%97%BFo%EAv%AE%05%81%BB%9Bv%D8%2A%A5%E0%24%89K%CAjEv%F3%06%0F%1Cw%EC%EE%A6%F0%D5%DEf%B2%E7%99%DD%24%25%E8%DAh%F4%B6%F0%DBl%89%F6M%14%8F%90%E6%88%016%C8%BB%E9
.semasio.net/ Name: SEUNCY
Value: 27EF5C35319EA653
.onaudience.com/ Name: cookie
Value: 902c4555ce4360a6
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-tk2EoAPtRaXjWVVVjnWYUagU
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1696451997840
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: SyncRTB3
Value: 1697587200%3A233_13_220_54_176_251_55_21_264_165_166_22_81_214_238_56_234_46_254_3_249_71_8_161%7C1696982400%3A223_2_15%7C1698969600%3A203%7C1697241600%3A63%7C1697673600%3A35
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlmYmxgbGlhYGq-ShTBNzE1MwYA3GaBziAAAAA
.ctnsnet.com/ Name: cid
Value: 2fc8067e0c4648ad8d61e0940a73dcdc
.pubmatic.com/ Name: PugT
Value: 1696430397
.tribalfusion.com/ Name: ANON_ID
Value: a1nteZbMwTkE6XlypqtMS13Za2EHTDbd6Xn2vAPq4hMjMdQi2BMd2TjX3FuHKZbfTd763tMDKVMQCdLVHyp7nFm3ZawE3xnZdORiI
elb.the-ozone-project.com/ Name: AWSALBTGCORS
Value: zbtnPzNcKEpqZBdAssUbuMszXRMsB4/xUIkmEUB8Z7HdFWmSxz0Naer71sZma0uEvLwsQC8NNglxH/lVjdcOq2BWHXkX/nOBv+pt+z4dB0VQ1t+NYWLdirtWNE97QU9FjGFIN+IQPutrm1fOK11+87T3Guh/A7VbVuLfD+hIHjXXdomALeA=
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMjI3NTg2NTc4NjEyMTU4NzE4IiwiZXhwaXJlcyI6IjIwMjMtMTAtMThUMTQ6Mzk6NTUuMjE3MDU0MDU1WiJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBQ1FiVTdLT3ZJQUFCa0ZCdWdhZ3ciLCJleHBpcmVzIjoiMjAyMy0xMC0xOFQxNDozOTo1NS43Njg0NDgzNTVaIn0sImNvbnZlcnNhbnQiOnsidWlkIjoiQUFBSUlDTzkxbDJEb3dOZl9pdk5BQUFBQUFBIiwiZXhwaXJlcyI6IjIwMjMtMTAtMThUMTQ6Mzk6NTUuMDI1ODUyNDk1WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiJlMWRiN2UxOC02MjFkLTQ5OTMtOTQ0Zi0zNjExMmJiMTE2OWMiLCJleHBpcmVzIjoiMjAyMy0xMC0xOFQxNDozOTo1NS42NjE5OTYwOVoifSwib25ldGFnIjp7InVpZCI6IiRVSUQiLCJleHBpcmVzIjoiMjAyMy0xMC0xOFQxNDozOTo1NS45NjAzMTI3NDdaIn0sIm9wZW54Ijp7InVpZCI6IjYxNWI0YzE5LWZiOTctNDM4Ny1hZGZmLTdhM2MxMGY5NDE3NyIsImV4cGlyZXMiOiIyMDIzLTEwLTE4VDE0OjM5OjU1LjUyOTA3MTkyM1oifSwicHVibWF0aWMiOnsidWlkIjoiODQ0RTUyNDctOUU1RC00QkM1LUExNUMtMTA3NTE4NEE0NDBDIiwiZXhwaXJlcyI6IjIwMjMtMTAtMThUMTQ6Mzk6NTguNDEzODAzMTEzWiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LXcybUI1RXRFMnVIY3JubFRvTGFSRHhhQnY4QWJsbGJMeTcxTWs1OC1-QSIsImV4cGlyZXMiOiIyMDIzLTEwLTE4VDE0OjM5OjU1Ljg2NTYwMzU3OVoifX0sImJkYXkiOiIyMDIzLTEwLTA0VDE0OjM5OjU0LjYzNjA5NzkzNFoifQ==

15 Console Messages

Source Level URL
Text
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@200..800&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.file.io/deleted/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.file.io/deleted/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.file.io/879366/Enabler_01_250.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.file.io/deleted/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.file.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/712068.gif?partner_uid=34cc14b8-f498-4f3c-ad04-c395ffd5712a&gpp=&gpp_sid=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://www.file.io/cdn-cgi/rum?
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
3365f209bbab38f41fd52e8a3343fb85.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.mrtnsvr.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ad2.360yield.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
ads.stickyadstv.com
ap.lijit.com
apex.go.sonobi.com
api.edkt.io
api.rlcdn.com
apps.sascdn.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cadmus.script.ac
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
ce.lijit.com
ced-ns.sascdn.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
config.aps.amazon-adsystem.com
content1.avplayer.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
crb.kargo.com
creativecdn.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsp.nrich.ai
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
feed.avplayer.com
file.io
fonts.googleapis.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hb.yahoo.net
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
itx4.smartadserver.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
play.aniview.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
st.pubmatic.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
track1.aniview.com
track1.avplayer.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.targeting.unrulymedia.com
visitor.omnitagjs.com
www.file.io
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www14.smartadserver.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
match.adsby.bidtheatre.com
match.bnmla.com
sync.inmobi.com
104.18.43.178
13.224.189.97
141.94.171.212
141.94.171.213
141.94.242.226
142.250.185.66
145.40.97.67
151.101.129.108
151.101.130.49
151.139.128.10
162.19.138.120
162.19.138.83
178.250.7.11
18.184.148.2
18.185.181.121
18.197.170.218
18.200.130.91
184.30.20.22
184.30.211.26
185.184.8.90
185.255.84.150
185.255.84.152
185.64.189.112
185.64.190.78
185.64.190.81
185.64.190.89
185.64.191.210
185.86.139.101
185.86.139.59
185.86.139.85
193.0.160.130
193.108.153.23
195.5.165.20
198.47.127.205
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
209.54.182.161
213.155.156.182
216.52.2.86
216.58.206.34
23.212.211.47
23.213.164.238
23.213.165.82
23.35.229.251
23.48.23.29
23.88.86.2
2600:1901:0:8344::
2600:9000:2127:7400:6:44e3:f8c0:93a1
2600:9000:2127:e000:9:46dc:4700:93a1
2600:9000:2251:f600:1a:5235:f980:93a1
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:1957
2606:4700:10::6816:2f8e
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:20::681a:9a9
2606:4700:20::ac43:4513
2606:4700::6810:3865
2606:4700::6812:1691
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2006
2a00:1450:4001:806::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9c
2a02:2638:3::7
2a02:2638:d::d
2a02:26f0:480:15::213:7e50
2a02:26f0:7100::1720:eee1
2a02:26f0:e600:584::2c79
2a02:fa8:8806:13::1400
2a02:fa8:8806:13::1460
2a05:d018:d29:3605:de3d:8205:f74c:2062
3.120.6.97
3.234.75.193
3.33.220.150
3.69.181.172
3.75.62.37
3.76.141.3
34.102.253.54
34.111.113.62
34.111.129.221
34.120.111.33
34.120.63.153
34.231.5.229
34.249.114.3
34.95.69.49
35.156.50.67
35.157.200.21
35.186.193.173
35.186.194.101
35.204.74.118
35.214.190.171
35.227.252.103
35.244.159.8
35.244.174.68
37.157.3.26
37.157.6.237
37.252.172.123
44.198.90.67
44.217.2.23
44.218.84.96
46.228.174.117
5.196.111.65
51.68.39.188
51.89.9.253
52.2.79.180
52.202.131.94
52.206.108.195
52.211.174.80
52.222.208.154
52.45.228.151
52.94.222.140
54.217.255.105
54.229.130.135
54.237.21.81
63.251.14.14
63.251.232.170
65.9.93.173
65.9.95.30
69.16.175.42
69.166.1.32
69.166.1.66
69.173.144.137
69.173.144.138
69.173.144.165
69.173.151.100
76.223.111.18
77.243.51.122
82.145.213.8
85.114.159.118
89.163.240.122
91.210.226.72
98.98.134.242
02bc356eb76e07148556c04423a5b9fca14e665572e2b26a67ddd6e91f30f41e
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b8fc424a30155823507014515f450aed1c9c6a84cdb234cb1d066a79cdd68b
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e6793d503dab31054f9bd9fae79408db374713aa1b8524b678feb477e292b1e
0e7fe9d5cc55ddae9a867d72f398da2adb4f9d9eed7ad7a03f2c2ac73610b08f
0f3eb3b313bde55721c42f8e43e5c01476136dbe781d6f673fdaf828811451cb
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17712c90e8473e3a5c2f70a4399e79ba0687d7be77d3aa642870f27a1c13da94
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
183175d699512fcce37611f805e4f0990e58feb16bda6bc3853df6be050c7a64
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
1f61edf1b3d673b7159e25bc6bea22a83b1194c6e0bd335499d4f0afc7c1d5b6
227dfc9c1b39fbd23f9ba7c16aca7bdbdb64049217e7fb76e2aaff41958f0efb
2451fb3812f398b3504c2826c0608bb40250c681767da55e759af196d57194f3
255c230b3ccd6029e71b9df389e7ed54949b02f41a830c55a2b64013ca789cd9
258be9012d3f4b956b612bf93a5bd490204f773985851f32136fd6c5fd9f7fa8
26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871
29905a44e368760ee8deaccdd34a956b1d66e1fe4b798c602901080d7b3c5bb8
29d5354479b51a59429aceb202a9e68c5ad9050be0a43ab75bb149b9b3a3473c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff96f5463d8be80b3da7cf76709b313ce09cbcf8b1a51c974bfaf89aab27652
3148b503996601811f2abcc09d7309d321d02d144c93243b4b914c00b36d87d7
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
33002871c65b860e5af646b691114a429475b4b35c33538c16287f20937e7c5d
33f65f1245679f52f9f196177f5c7708d897d43d47d9206de6d7583817c947c5
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
35104952e90077aff9742cae7bd7b87b383de61158c412dfbf9794a428ad400f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38a94dca5d95c210a670a327db5f38030f7b42da54d7ee832a3dd77265b249a0
3a94920451e39bdc04dab7854584152e91f12d7d65b87d50e3da90bb54b4dc0a
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3b9e90a5fbc13fff5ac8342cd2af0316342cf5070859cddb621b3ec1f94896b8
3bcdeca8663ebdc7388dd720fa7a0c6fff4363b578edd80fc786f08d9ef02fea
3c3ed4f0a8f1b65c20077534676ae3a2ddb1c1419f68ee83795a85cd2b93427f
3c99f1c14ef37296dc00166cbea46fb829461edd8a6717227a421201657abbd5
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de06d17189e15796e7e8f2640a21b655c2d1562e0fdb88df501f9f3138ad42b
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1
3e6c6d6d94558f06d6d87ac3e06280b23ef3602176b8bf16c54eb14e2be4e9aa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3f2050cff45669548a88b99f5fe7144f2177c12e157f0cb6f931a3b4040236fe
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40911705ab9142b3dba4fb853310962c494694ac70e15dce99557475d35ea2db
41bd2a5675e793a19a555b166d4e73b888e4e1c68ab0e3bf3626a1d53b134c41
41cee572622e55c51a0229bd489312e2b9bcc0ac84d8001f4527d2cfc9700fb7
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4857c3f329de57cf39a5823125b7d9a9d4cbbb290284d940f2ebfa5880282e6a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4edd6bf62a26028d4999c3669b617e8b187187f5902d94a74f8499cbaf02f170
4f2e4e9b9cf3253423296719e2f93be860fe6e11ae54d3ae5e1986d8faf18914
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505951a64db6a022566f5a00c860ab78c11b99e53cc8f3ac2af43c87b93d0992
5074daa080e1caeef1da9f88d51ba9b05a569dc7362e260d931f932e89b2e44a
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de
58023857e618007c2eed153d50c90c290e31677b495ab330eb6480f729175557
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5b0a63e2bd2d93ba8e217d90a29b48c3e0176a91b0e1eaa335bb83240103b92e
618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
639ad05381102be1db5b007e62b776d0acd1b082a6f9412dedfe7490a81be12e
659e352c4ae83f9f32e7da63ec5a7ff152b5b2590d0df35cd181c160629f1b0e
6741ba37050e6f42390fa4ce19efe5f2760490a010d7b1c613cd0707df88e3e5
67ad3736df767da9e9f56e26b42da4db10b374c6b8d944a6a583f7683a4fec76
6a494581111c7a7e5ee358ae38e2d439bd7293a2a6d7207a9eed7be602188357
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be2b90cd65a5816c3b9c7e197f8a2981eb0f52866cc33be47e8d0f2c1be4ab8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d6318c2a67407cf6bfe6d6f8c54ef7810f10269b3da9aeab21fcddca6f9c69c
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
7062ea887ccab5ead5bd1c6068b74d65390d6b97a233068e5f5a5896ae1524b8
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
726915cf649f0a4ef8aafb5779af17c1a81526f981ff266965ac5b819751892d
726bc88a18b1b1c7907ccf8fd3e312bd4bd7872d549ee68bd4bbc9f1307f33c0
73dcbada170d574260e860070597159c83851a7b526b0fba9dd497f1267a8254
75f30ecfa18f9624c733d7e49fbb7e7026e1ab12c7389687a4ce4222396bd7f4
778205696539bbda569700aca1c63d9382998926eb92f33f60a248a49715afe4
77bcb4c37f64db9971f05424bd125a9d48fa46729effa3c90cfa90bd6d705bd2
78cb75a64f2216af868c8c7fb05e9c31925cb96f5112abc4763baf1a583c6741
79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3
7acf5f489a5fa3ce1693a93e611b5dda998576b37ce2269a28468ad932eefc9a
7af2480826101ec09f9c56ba13cd54222179507157669af69f06014c19e9275a
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
7d04fe4a9717f9687244b181d8c18dc9a0fbf87b843a0bcf6de62dc8ab9b8cae
7f04f5b9ee8bfeaba95049646865e4163a92ba767cea569902e81a713c0301b2
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
8639ce828f1cb05ad3ff2981fed9243b3267b60e760e8b7af173821fa51aa599
86532733126528affb771ea7ca7b35d172d5dfc850aebaff0bfc6484cf5bea3e
86d79fadeb12670407bb6ee5291ec8e3eb44daf231af1e3932208dde47cf6425
87f760f3968573d056b5f11771b25c80a9db025f9fe1de433fb581cc426ad2ab
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b64e19e0439536b40f9a916285f5972a9eacba4946c229e426b24daf3441f05
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eead6d3339b227df3a8caad4526ff35d337b4d53d36404ba2a483d5774edec5
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9450c099d51617e0891ffa1d3613f809614b741e6d17fb5c2cafd910d07408b7
9585ba445527f611a6db8f10ee5f94e235eca02c4122021ba027425f83dece02
95ddf7325e3f43fd39b3e18752179f50926a90dc9d232d8e4b5bc912caeca3ca
97161b52bbb897b196b58f31c9ce8d660f913d58c9f0de57b31e175cd6bbec8b
97d9dfd8ffc1cb034055da0f01287531af2c4578292d84195a926f9ef304250e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99eb7e4f3f684c60ea2c6fbff817d1a2c393788871a1713df848210e6c87b1bc
9aff67207c751e2410d82062275cbbce494d88e6a054b36eeb65fea942b92244
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3edbcf922580327075c17c9c271c4c0e7be382ce3aeb04b39f336c1c5ba63e7
a5a60f2190e333ff5ed63be506c8112b65d287aeed5562dedf783f8f56049e38
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7efc7b09232ae9af87d44a66d66a99500fbdf21af05e4172a02a7b50b3f9b8b
a9d0a668bbfb705e317d51bfaabf290c28cca253877bc8ca0885af764860c945
ac31065e47f40e77ea0fdb52a6da8a0965185f865c5e2a00e185c1b778f10eaf
ac6d745064a12deccd8622d1116b95fe023c54cf18623b3322c872472a2529b1
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b667bef0065942f85dd838063d3dade9621366ec6834cea88478da2f82eee717
b769093a19d592ca037d008dc4c9093c775f9aabe3dd94d8c5667f4ce678fe56
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
ba486f43f9263d607b547ebc3b7c0917663b78ccea1b8e3313efd3adc8519509
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc3577dd7a765efbd18c5a3948a149a2896452b4eca1a29faed7ba2e5dc3124
bc0232cf395ae26672ce695f7a3b2667df263ac62eed523d98260dde320c61ca
bce4bf1c170127b1c50ee9e5fc097505c58f72361ca1c606973d032296e16eae
bfac3932e966c0873d6670efcbfe546f6b02d37dc79b014766b18041d1f50328
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2e0bde5d7242be532d28ff66d0d79fa07ef97185da9ee3c8dfe5d1823fb9db6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f
ca4e50f6369731d604310d1d5cc3f84a9c70b07f4267684d3a2ab33eacd81f24
cc77dc77f2acb1d2781f3d6a45131816596a2f47f90eb52bbbda7ff6dc22697a
ce323e9fa7bc335c46aa84ed3abb5421f9b5e04fc9e0742505f9eeb111597884
ce608fb0a054d1044062f85e171dbc208afb3967ed0080041f15416a11726273
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d146611ef5bdf0fa751ab732161e1f81e1001041b615993b8cfa49e921fb1b8e
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d326e1b799f2e5c3a88a292f2cf5c480be98539f9a7b6ce61fbdb9b9c9bd2005
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d45c0e6bfa1fcb1ea85c217ef2b4a3207a28bf5c8191803d13d6a782798d3b66
d7589354b0a4a50002e110c2f12661dca930e8d6f91b798a4fe9ac61418de517
d76d07c667dab8d3ba7c32a38f291d3dfc46dc2e70d53995080eec9bf4620c70
d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e19a30d7d8b2a0a2d1b061e0d63cf287ed9df54c77d521548783a0d21f37eb46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f2ba27cc5045d65cae98b800470bdc7f5c046360c8b16ce25f3099e1090412
e45b98c9adfa705e68cb9500bc3af7f900882e753fde19705f7afc3d738fb18e
e46a8ec58514255aedae877395b5a33ecf0576eb368690b64802b1d4718627ad
e4a97870a782fb577997ce5c52abc715ef303f1b1994283a0ad22bae3f1a1816
e853a62d616234d773f6dbf597bf118e1f37f5d5ef412b41c9973d6aa1e66b66
e8d809e270139dfe43d1bee53acd3bb175dc134e438a4a639f0e2d611fa78432
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ee812c52f65ce51ad07e28649637f05e8d525c5ecfb1796b10d8b5edfdae3607
ef0adb856579b963b6049d94d5e020105cf548fd2356581f94a80b8c39da1074
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0086d67682118d47f856fa6d02a28b59249cd2b666db7ea7f4d96f1e522fd21
f0d518cc783c3c6bae38aebf7385b35aead21ffbd9e7f86282fa57c2211995fd
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
faf6dbe465a4d62df2472ca6a0069afb413923aea09c4f2dc85093b62dbcd794
fcb53e9eca28a1567402412c95c9a0f151e5b6d78f13febfc82fb35181033418
fd5b5d07b7a368f048906fa6ab245acc65b8de9ec709f8cf930b04a79db55e4a
fee3864ade0efb63463216c1d948e3f6ce4b856def993aa107faa2ba7a059969
ff8669288bfe4433f7c0eded5ebda72e7d9d13ec3e2a9f3d440548ed1a8e973d