urlscan.io logo urlscan.io
SecurityTrails logo

www.file.io Open in urlscan Pro
18.238.80.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://file.io/vsSiRq5nSWrx
Effective URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Submission: On June 30 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 7 countries across 72 domains to perform 313 HTTP transactions. The main IP is 18.238.80.10, located in United States and belongs to AMAZON-02, US. The main domain is www.file.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 26th 2023. Valid for: a year.
This is the only time www.file.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.55.107.24 14061 (DIGITALOC...)
39 18.238.80.10 16509 (AMAZON-02)
4 185.93.1.251 60068 (CDN77 _)
3 172.253.63.97 15169 (GOOGLE)
1 104.22.47.142 13335 (CLOUDFLAR...)
1 151.101.193.194 54113 (FASTLY)
2 74.125.192.101 15169 (GOOGLE)
2 173.194.205.155 15169 (GOOGLE)
5 216.239.38.178 15169 (GOOGLE)
1 104.26.3.70 13335 (CLOUDFLAR...)
2 104.18.23.145 13335 (CLOUDFLAR...)
3 108.138.115.149 16509 (AMAZON-02)
1 18.238.49.61 16509 (AMAZON-02)
1 54.229.120.84 16509 (AMAZON-02)
1 3 192.184.67.70 16509 (AMAZON-02)
8 173.194.175.157 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 2 50.16.197.56 14618 (AMAZON-AES)
1 108.138.106.59 16509 (AMAZON-02)
2 18.238.58.231 16509 (AMAZON-02)
3 23.207.2.36 16625 (AKAMAI-AS)
1 104.22.52.173 13335 (CLOUDFLAR...)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 34.199.40.84 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 18.238.55.87 16509 (AMAZON-02)
1 54.74.208.53 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
1 34.120.111.33 396982 (GOOGLE-CL...)
2 172.67.75.241 13335 (CLOUDFLAR...)
6 108.128.131.144 16509 (AMAZON-02)
5 207.65.37.179 62713 (AS-PUBMATIC)
6 172.64.144.78 13335 (CLOUDFLAR...)
3 147.28.146.89 54825 (PACKET)
3 135.148.2.48 16276 (OVH)
4 34.235.214.237 14618 (AMAZON-AES)
2 69.166.1.64 27630 (AS-XFERNET)
3 6 68.67.160.24 29990 (ASN-APPNEX)
8 3.218.122.15 14618 (AMAZON-AES)
1 35.80.197.229 16509 (AMAZON-02)
3 104.22.5.69 13335 (CLOUDFLAR...)
1 13.226.34.70 16509 (AMAZON-02)
11 209.85.232.113 15169 (GOOGLE)
6 9 3.33.220.150 16509 (AMAZON-02)
4 104.22.4.69 13335 (CLOUDFLAR...)
1 2 52.46.155.104 16509 (AMAZON-02)
1 173.194.175.156 15169 (GOOGLE)
6 173.194.66.154 15169 (GOOGLE)
1 172.217.197.132 15169 (GOOGLE)
2 23.220.138.160 16625 (AKAMAI-AS)
1 23.212.251.211 20940 (AKAMAI-ASN1)
14 23.198.214.145 20940 (AKAMAI-ASN1)
4 172.240.45.75 7979 (SERVERS-COM)
4 173.194.68.132 15169 (GOOGLE)
8 15 141.95.98.65 16276 (OVH)
3 162.19.138.118 16276 (OVH)
1 74.125.142.120 15169 (GOOGLE)
12 13.225.63.3 16509 (AMAZON-02)
2 142.251.174.157 15169 (GOOGLE)
1 173.194.68.105 15169 (GOOGLE)
3 3 35.169.74.221 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 9 69.166.1.34 27630 (AS-XFERNET)
2 2 52.71.41.146 14618 (AMAZON-AES)
1 1 104.36.113.112 62713 (AS-PUBMATIC)
22 35.71.139.29 16509 (AMAZON-02)
3 74.119.117.25 19750 (AS-CRITEO)
4 52.223.22.214 16509 (AMAZON-02)
5 54.228.55.244 16509 (AMAZON-02)
2 74.119.117.17 19750 (AS-CRITEO)
1 2 35.244.193.51 15169 (GOOGLE)
2 23.220.136.208 16625 (AKAMAI-AS)
1 147.75.195.77 54825 (PACKET)
1 23.220.136.194 16625 (AKAMAI-AS)
1 52.34.45.222 16509 (AMAZON-02)
3 3 35.211.178.172 19527 (GOOGLE-2)
4 6 209.85.232.156 15169 (GOOGLE)
3 3 34.36.216.150 396982 (GOOGLE-CL...)
1 1 3.216.220.116 14618 (AMAZON-AES)
5 6 34.111.113.62 396982 (GOOGLE-CL...)
1 1 199.38.167.131 54312 (ROCKETFUEL)
1 1 216.200.232.249 6461 (ZAYO-6461)
1 1 54.147.209.196 14618 (AMAZON-AES)
2 34.235.229.79 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 192.132.33.67 18568 (BIDTELLECT)
2 3 198.148.27.131 19189 (PULSEPOINT)
2 2 69.173.146.5 26667 (RUBICONPR...)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
2 2 104.36.113.107 62713 (AS-PUBMATIC)
1 10 44.239.184.8 16509 (AMAZON-02)
1 1 172.240.155.108 7979 (SERVERS-COM)
1 51.222.39.184 16276 (OVH)
1 172.240.45.81 7979 (SERVERS-COM)
1 23.105.12.116 30633 (LEASEWEB-...)
1 2 63.251.28.230 26558 (FREEWHEEL)
9 96.46.186.182 7979 (SERVERS-COM)
1 1 3.209.177.222 14618 (AMAZON-AES)
1 1 184.25.47.188 16625 (AKAMAI-AS)
1 23.50.125.215 16625 (AKAMAI-AS)
1 1 34.200.65.202 14618 (AMAZON-AES)
2 2 34.225.177.85 14618 (AMAZON-AES)
1 1 8.2.110.134 46636 (NATCOWEB)
1 1 35.244.159.8 396982 (GOOGLE-CL...)
1 51.222.39.186 16276 (OVH)
1 1 68.67.161.182 29990 (ASN-APPNEX)
4 4 69.194.240.13 26120 (RHYTHMONE)
1 1 69.194.242.12 26120 (RHYTHMONE)
2 3 63.251.28.211 26558 (FREEWHEEL)
1 52.46.130.91 16509 (AMAZON-02)
1 44.221.33.54 14618 (AMAZON-AES)
1 34.36.214.49 396982 (GOOGLE-CL...)
2 69.194.240.11 26120 (RHYTHMONE)
1 45.55.126.71 14061 (DIGITALOC...)
1 69.173.151.96 26667 (RUBICONPR...)
1 96.46.186.15 ()
313 92
2    45.55.107.24 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
file.io
39    18.238.80.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-10.jfk52.r.cloudfront.net
www.file.io
4    185.93.1.251 (Chicago, United States)

ASN60068 (CDN77 _, GB)
PTR: 185-93-1-251.bunnyinfra.net
hb.vntsm.com
3    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
1    104.22.47.142 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    151.101.193.194 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb-vntsm-com.global.ssl.fastly.net
2    74.125.192.101 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f101.1e100.net
analytics.google.com
2    173.194.205.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f155.1e100.net
stats.g.doubleclick.net
5    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    18.238.49.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-61.jfk52.r.cloudfront.net
cdn.exelator.com
1    54.229.120.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-120-84.eu-west-1.compute.amazonaws.com
p.cpx.to
3    192.184.67.70 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
8    173.194.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f157.1e100.net
securepubads.g.doubleclick.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
mydmp.exelator.com
1    108.138.106.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-59.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.238.58.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-58-231.jfk52.r.cloudfront.net
aax.amazon-adsystem.com
3    23.207.2.36 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-2-36.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    104.22.52.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.199.40.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-40-84.compute-1.amazonaws.com
onsite-tag-logs.apps.nielsen.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    18.238.55.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-87.jfk52.r.cloudfront.net
secure-gl.imrworldwide.com
1    54.74.208.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-208-53.eu-west-1.compute.amazonaws.com
nmcsync.imrworldwide.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
2    172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    108.128.131.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
5    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    172.64.144.78 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
3    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    135.148.2.48 (United States)

ASN16276 (OVH, FR)
PTR: ip48.ip-135-148-2.us
prg.smartadserver.com
4    34.235.214.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-214-237.compute-1.amazonaws.com
btlr.sharethrough.com
2    69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    68.67.160.24 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    3.218.122.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-122-15.compute-1.amazonaws.com
tlx.3lift.com
1    35.80.197.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-197-229.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
3    104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    13.226.34.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-70.ewr53.r.cloudfront.net
rules.quantcount.com
11    209.85.232.113 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f113.1e100.net
fundingchoicesmessages.google.com
9    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
p.ad.gt
pixels.ad.gt
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    173.194.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f156.1e100.net
securepubads.g.doubleclick.net
6    173.194.66.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f154.1e100.net
pagead2.googlesyndication.com
1    172.217.197.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f132.1e100.net
35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com
2    23.220.138.160 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-138-160.deploy.static.akamaitechnologies.com
tg1.aniview.com
play.aniview.com
1    23.212.251.211 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-251-211.deploy.static.akamaitechnologies.com
feed.avplayer.com
14    23.198.214.145 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-198-214-145.deploy.static.akamaitechnologies.com
player.avplayer.com
player.aniview.com
content1.avplayer.com
4    172.240.45.75 (United States)

ASN7979 (SERVERS-COM, US)
track4.aniview.com
4    173.194.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f132.1e100.net
tpc.googlesyndication.com
15    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    74.125.142.120 (United States)

ASN15169 (GOOGLE, US)
PTR: ie-in-f120.1e100.net
csi.gstatic.com
12    13.225.63.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-3.ewr53.r.cloudfront.net
ib.3lift.com
2    142.251.174.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f157.1e100.net
www.googleadservices.com
1    173.194.68.105 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f105.1e100.net
www.google.com
3    35.169.74.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-74-221.compute-1.amazonaws.com
ce.lijit.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
9    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    52.71.41.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-41-146.compute-1.amazonaws.com
match.prod.bidr.io
1    104.36.113.112 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
22    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    74.119.117.25 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
4    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
5    54.228.55.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-55-244.eu-west-1.compute.amazonaws.com
s.cpx.to
2    74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    23.220.136.208 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-136-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    147.75.195.77 (Parsippany, United States)

ASN54825 (PACKET, US)
sync.a-mo.net
1    23.220.136.194 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-136-194.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    52.34.45.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-45-222.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    209.85.232.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f156.1e100.net
cm.g.doubleclick.net
3    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
1    3.216.220.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-220-116.compute-1.amazonaws.com
sync.crwdcntrl.net
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    216.200.232.249 (Frederick, United States)

ASN6461 (ZAYO-6461, US)
sync.mathtag.com
1    54.147.209.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-209-196.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    34.235.229.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-229-79.compute-1.amazonaws.com
match.sharethrough.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
3    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
2    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    44.239.184.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-184-8.us-west-2.compute.amazonaws.com
ids.ad.gt
1    172.240.155.108 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net
onetag-sys.com
1    172.240.45.81 (United States)

ASN7979 (SERVERS-COM, US)
go1.aniview.com
1    23.105.12.116 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
2    63.251.28.230 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
9    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    3.209.177.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-177-222.compute-1.amazonaws.com
ap.lijit.com
1    184.25.47.188 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-47-188.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    23.50.125.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    34.225.177.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-177-85.compute-1.amazonaws.com
ssp.disqus.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
1    68.67.161.182 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
4    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    69.194.242.12 (United States)

ASN26120 (RHYTHMONE, US)
ad.turn.com
3    63.251.28.211 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    44.221.33.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-221-33-54.compute-1.amazonaws.com
optimized-by.rubiconproject.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
2    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    45.55.126.71 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.dxkulture.com
1    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    96.46.186.15 (None, )

ASN- ()
track1.avplayer.com
Apex Domain
Subdomains		 Transfer
46 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 646
ib.3lift.com — Cisco Umbrella Rank: 1720
eb2.3lift.com — Cisco Umbrella Rank: 452
80 KB
41 file.io
file.io — Cisco Umbrella Rank: 497098
www.file.io
944 KB
23 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 11444
track4.aniview.com — Cisco Umbrella Rank: 8083
player.aniview.com — Cisco Umbrella Rank: 1983
play.aniview.com — Cisco Umbrella Rank: 26732
go1.aniview.com — Cisco Umbrella Rank: 6114
sync.aniview.com — Cisco Umbrella Rank: 1950
s2s.aniview.com Failed
427 KB
17 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1806
a.ad.gt — Cisco Umbrella Rank: 2012
p.ad.gt — Cisco Umbrella Rank: 2224
ids.ad.gt — Cisco Umbrella Rank: 1764
pixels.ad.gt — Cisco Umbrella Rank: 2161
20 KB
17 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 274
216 KB
16 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1098
id5-sync.com — Cisco Umbrella Rank: 570
45 KB
14 google.com
analytics.google.com — Cisco Umbrella Rank: 174
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
www.google.com — Cisco Umbrella Rank: 5
78 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
117 KB
11 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3301
sync.go.sonobi.com — Cisco Umbrella Rank: 1211
10 KB
10 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 522
image6.pubmatic.com — Cisco Umbrella Rank: 1223
ads.pubmatic.com — Cisco Umbrella Rank: 621
image2.pubmatic.com — Cisco Umbrella Rank: 1054
6 KB
9 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 21786
player.avplayer.com — Cisco Umbrella Rank: 15634
content1.avplayer.com — Cisco Umbrella Rank: 23092
track1.avplayer.com
404 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 405
3 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746
aax.amazon-adsystem.com — Cisco Umbrella Rank: 494
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
86 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
acdn.adnxs.com — Cisco Umbrella Rank: 632
secure.adnxs.com — Cisco Umbrella Rank: 527
8 KB
6 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 432
token.rubiconproject.com — Cisco Umbrella Rank: 511
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1311
eus.rubiconproject.com — Cisco Umbrella Rank: 648
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 7055
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1012
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 520
1 KB
6 criteo.com
dis.eu.criteo.com — Cisco Umbrella Rank: 10221
ads.us.criteo.com — Cisco Umbrella Rank: 3388
gum.criteo.com — Cisco Umbrella Rank: 493
1 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1316
match.sharethrough.com — Cisco Umbrella Rank: 560
3 KB
6 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 5271
16 KB
6 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 35708
806 B
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 13973
s.cpx.to — Cisco Umbrella Rank: 11668
6 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 678
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
23 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 830
pa.openx.net — Cisco Umbrella Rank: 4063
952 B
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1029
ap.lijit.com — Cisco Umbrella Rank: 842
2 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2105
ssbsync.smartadserver.com — Cisco Umbrella Rank: 811 Failed
17 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 784
sync.a-mo.net — Cisco Umbrella Rank: 1855
2 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 37808
373 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1321
targeting.unrulymedia.com — Cisco Umbrella Rank: 836
764 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 523
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 659
3 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 759
1009 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 394
1 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 937
812 B
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1368
39 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1625
pixel.quantserve.com — Cisco Umbrella Rank: 1193
cms.quantserve.com — Cisco Umbrella Rank: 916
11 KB
3 exelator.com
cdn.exelator.com — Cisco Umbrella Rank: 57430
mydmp.exelator.com — Cisco Umbrella Rank: 41194
10 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
261 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1608
947 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 788
341 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 585
921 B
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1830
594 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 668
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4110
visitor.omnitagjs.com — Cisco Umbrella Rank: 812
500 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2773
24 KB
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1847
nmcsync.imrworldwide.com — Cisco Umbrella Rank: 12870
1 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 495
api.rlcdn.com Failed
823 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1738
48 KB
1 dxkulture.com
ads.dxkulture.com — Cisco Umbrella Rank: 6761
813 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1074
436 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 3341
623 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 471
413 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2025
675 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1133
307 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 827
227 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1107
862 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 914
733 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 893
372 B
1 gstatic.com
csi.gstatic.com
234 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1607
1 KB
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 25748
8 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 986
395 B
1 nielsen.com
onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 39197
264 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2074
12 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1092
898 B
1 fastly.net
hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 58820
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 49282
662 B
0 yellowblue.io Failed
hb.yellowblue.io Failed
0 ymmobi.com Failed
gw-iad-bid.ymmobi.com Failed
0 dotomi.com Failed
proc.ad.cpe.dotomi.com Failed
313 72
Domain Requested by
39 www.file.io www.file.io
cadmus.script.ac
hb.vntsm.com
26 eb2.3lift.com www.file.io
cadmus.script.ac
15 id5-sync.com 8 redirects cadmus.script.ac
hb.vntsm.com
12 ib.3lift.com cadmus.script.ac
www.file.io
11 fundingchoicesmessages.google.com cadmus.script.ac
hb.vntsm.com
10 ids.ad.gt 1 redirects
9 sync.aniview.com www.file.io
9 sync.go.sonobi.com 3 redirects
9 match.adsrvr.org 6 redirects cadmus.script.ac
hb.vntsm.com
9 securepubads.g.doubleclick.net hb.vntsm.com
cadmus.script.ac
www.file.io
8 tlx.3lift.com hb.vntsm.com
www.file.io
7 player.aniview.com www.file.io
6 pixel.tapad.com 5 redirects
6 cm.g.doubleclick.net 4 redirects
6 pagead2.googlesyndication.com hb.vntsm.com
cadmus.script.ac
www.file.io
6 elb.the-ozone-project.com hb.vntsm.com
cadmus.script.ac
www.file.io
6 track.venatusmedia.com hb.vntsm.com
5 ads.stickyadstv.com 3 redirects www.file.io
cadmus.script.ac
5 s.cpx.to cadmus.script.ac
5 hbopenbid.pubmatic.com hb.vntsm.com
cadmus.script.ac
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.file.io
cadmus.script.ac
4 content1.avplayer.com
4 tpc.googlesyndication.com cadmus.script.ac
4 track4.aniview.com
4 ib.adnxs.com 1 redirects hb.vntsm.com
cadmus.script.ac
4 btlr.sharethrough.com hb.vntsm.com
4 hb.vntsm.com www.file.io
hb.vntsm.com
3 sync.1rx.io 3 redirects
3 secure.adnxs.com 3 redirects
3 u.openx.net 3 redirects
3 bh.contextweb.com 2 redirects
3 pixel-sync.sitescout.com 3 redirects
3 x.bidswitch.net 3 redirects
3 ads.us.criteo.com cadmus.script.ac
3 ce.lijit.com 3 redirects
3 lb.eu-1-id5-sync.com cadmus.script.ac
hb.vntsm.com
3 player.avplayer.com cadmus.script.ac
3 s.amazon-adsystem.com 1 redirects cadmus.script.ac
3 id.hadron.ad.gt hb.vntsm.com
3 prg.smartadserver.com hb.vntsm.com
3 prebid.a-mo.net hb.vntsm.com
www.file.io
3 secure.cdn.fastclick.net cadmus.script.ac
3 c.amazon-adsystem.com hb.vntsm.com
3 www.googletagmanager.com www.file.io
www.googletagmanager.com
cadmus.script.ac
2 targeting.unrulymedia.com cadmus.script.ac
2 ssp.disqus.com 2 redirects
2 onetag-sys.com www.file.io
2 image2.pubmatic.com 2 redirects
2 creativecdn.com 2 redirects
2 match.sharethrough.com
2 ads.pubmatic.com cadmus.script.ac
www.file.io
2 lexicon.33across.com 1 redirects
2 gum.criteo.com hb.vntsm.com
2 match.prod.bidr.io 2 redirects
2 www.googleadservices.com www.file.io
2 a.ad.gt cadmus.script.ac
hb.vntsm.com
2 apex.go.sonobi.com hb.vntsm.com
2 script.4dex.io cadmus.script.ac
2 idsync.rlcdn.com 2 redirects
2 aax.amazon-adsystem.com hb.vntsm.com
2 mydmp.exelator.com 1 redirects
2 i.clean.gg hb.vntsm.com
2 cadmus.script.ac hb.vntsm.com
cadmus.script.ac
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
cadmus.script.ac
2 file.io 1 redirects www.file.io
1 track1.avplayer.com player.avplayer.com
1 prebid-server.rubiconproject.com cadmus.script.ac
1 ads.dxkulture.com cadmus.script.ac
1 pa.openx.net www.file.io
1 optimized-by.rubiconproject.com cadmus.script.ac
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 eus.rubiconproject.com www.file.io
1 secure-assets.rubiconproject.com 1 redirects
1 ap.lijit.com 1 redirects
1 go1.aniview.com hb.vntsm.com
1 play.aniview.com
1 pixels.ad.gt cadmus.script.ac
1 sync.colossusssp.com 1 redirects
1 token.rubiconproject.com 1 redirects
1 p.ad.gt cadmus.script.ac
1 pixel.rubiconproject.com 1 redirects
1 bttrack.com
1 ssbsync.smartadserver.com www.file.io
1 cms.quantserve.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.mathtag.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 visitor.omnitagjs.com cadmus.script.ac
1 acdn.adnxs.com cadmus.script.ac
1 sync.a-mo.net cadmus.script.ac
1 image6.pubmatic.com 1 redirects
1 dis.eu.criteo.com 1 redirects
1 www.google.com cadmus.script.ac
1 pixel.quantserve.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 feed.avplayer.com hb.vntsm.com
1 tg1.aniview.com cadmus.script.ac
1 35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com cadmus.script.ac
1 rules.quantcount.com cadmus.script.ac
1 hb-api.omnitagjs.com hb.vntsm.com
1 cdn.edkt.io cadmus.script.ac
1 analytics.twitter.com
1 nmcsync.imrworldwide.com
1 secure-gl.imrworldwide.com
1 onsite-tag-logs.apps.nielsen.com cdn.exelator.com
1 cdn.id5-sync.com cadmus.script.ac
1 cdn.hadronid.net cadmus.script.ac
1 config.aps.amazon-adsystem.com cadmus.script.ac
1 secure.quantserve.com hb.vntsm.com
1 p.cpx.to hb.vntsm.com
1 cdn.exelator.com hb.vntsm.com
1 ad-delivery.net hb.vntsm.com
1 hb-vntsm-com.global.ssl.fastly.net hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
0 hb.yellowblue.io Failed cadmus.script.ac
0 s2s.aniview.com Failed cadmus.script.ac
0 gw-iad-bid.ymmobi.com Failed
0 api.rlcdn.com Failed hb.vntsm.com
0 proc.ad.cpe.dotomi.com Failed hb.vntsm.com
313 124
Subject Issuer Validity Valid
*.file.io
Amazon RSA 2048 M02		 2023-12-26 -
2025-01-23		 a year crt.sh
*.vntsm.com
R10		 2024-06-18 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-07 -
2024-08-06		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-09 -
2024-12-10		 a year crt.sh
file.io
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
script.ac
E6		 2024-06-23 -
2024-09-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
cdn.exelator.com
Amazon RSA 2048 M02		 2023-10-09 -
2024-11-04		 a year crt.sh
p.cpx.to
Amazon RSA 2048 M03		 2024-04-24 -
2025-05-23		 a year crt.sh
quantserve.com
R10		 2024-06-24 -
2024-09-22		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2024-05-06 -
2024-08-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2024-05-29 -
2024-08-27		 3 months crt.sh
id5-sync.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
onsite-tag-logs.apps.nielsen.com
Amazon RSA 2048 M02		 2024-03-09 -
2025-04-07		 a year crt.sh
*.imrworldwide.com
Amazon RSA 2048 M03		 2024-06-05 -
2025-07-04		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
edkt.io
GTS CA 1D4		 2024-06-06 -
2024-09-04		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-12-25 -
2025-01-22		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
the-ozone-project.com
WE1		 2024-06-18 -
2024-09-16		 3 months crt.sh
*.a-mo.net
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-02 -
2024-08-13		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-10		 a year crt.sh
*.omnitagjs.com
Amazon RSA 2048 M02		 2024-03-18 -
2025-04-17		 a year crt.sh
id.hadron.ad.gt
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
a.ad.gt
E6		 2024-06-09 -
2024-09-07		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-11 -
2024-09-11		 a year crt.sh
outstreamedia.com
R3		 2024-05-28 -
2024-08-26		 3 months crt.sh
*.avplayer.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-16 -
2024-10-15		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-25 -
2024-08-24		 3 months crt.sh
s.cpx.to
Amazon RSA 2048 M02		 2024-04-24 -
2025-05-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-01 -
2025-04-01		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.ad.gt
Amazon RSA 2048 M02		 2024-03-10 -
2025-04-08		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
pixels.ad.gt
E1		 2024-05-10 -
2024-08-08		 3 months crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-07 -
2025-04-03		 a year crt.sh
pa.openx.net
WR3		 2024-05-26 -
2024-08-24		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-30 -
2025-05-31		 a year crt.sh
ads.dxkulture.com
R3		 2024-05-26 -
2024-08-24		 3 months crt.sh
track1.avplayer.com
ZeroSSL RSA Domain Secure Site CA		 2024-04-11 -
2024-07-10		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Frame ID: 95AEE9B3CEA59D150FE3B15C6E23DDDA
Requests: 228 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 335CCACF57787DDF17D38056359A9B86
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain&dcc=t
Frame ID: 61F66359F9AACEEB96417BDF6F0ABC48
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: E0A3FA9171E471780DC27E4440FC17DB
Requests: 1 HTTP requests in this frame

Frame: https://35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 373885D9848D6FF2793897CFD82562DC
Requests: 1 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=venatusmedia_RON_HDX_PrebidServer
Frame ID: CC60FAC0BEAEB069AE098C1EE61A3DFE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS1_8NARu73b5zZSZfq4cR6aNQ7xX-DcPQuIOIHjDr0o-yzhy_1cHuirnP3-jn5xjd-OuyHcMBV5D-AT3A_v9wHcRlF9zNAaKM_1zykM16Tbyc9tR-T3bJkpV8Y0kn_3-DAMapLQ_m5cnVxDdbtVGnqa2wqmJ8ZHW-DLvLzYhl6uMPYkqsVc456fJfIvPnxhwrCqrfZcjLBxlbVg7in8hSBFzYztUWkRrBJ9JLhlpgWLM2SMC51XQiQJva3fsAdqfqS-MhvCB39DA15S7PY8hsoMjjLP2AQWJkWXeOOovBzMdmTMYrW-81DdXR-K_U7qOpcAq3vQR7_XzBv0ziHAsGUzNnQuSsZ8RiSM9nHSsSwVOuMUqYAWQB2THPQ9d2b1Qc8BwDjLcu_rgoxbR8r1aUtDkckFtRiiZ4NQOreVYT7sn6bYL_CtV7NOc&sai=AMfl-YSpzpEOBjmBmM4MOSekK5qZd30QPWOPXGq3Zt2xCszaWoHnVFP6SV2N_WkooOlnnBUC0135iPsV8F7u9Sk3E28qGjbX25GcD2jw3o9wFVJNV574n38D_aHibFpHfzPFQltGcrp5wyZENgTwI83LRtX5-Ah90UKG43jkCmQZGdPR4SOV&sig=Cg0ArKJSzPlutF7I0_6_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 4E603BEF921B84835955C9013F219F27
Requests: 5 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=venatusmedia_RON_HDX_PrebidServer
Frame ID: FEA08EE1454C52BB01EADE009699159B
Requests: 6 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 816FA24CF300F8EEC0255B99CCC53C9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C926240460F7D8504E72858AA1DCC72
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7184F6FF3915F565429A01F5A62CF8A1
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=AAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ==&u=%7CFv7Snq6q1BZZfq2ZQ%2F0iz%2FQBxVWsbRNvv9cILcDo6k0%3D%7C&c1=mOd7Dh6zPV9mKlrlwmXIuWz5gKrlWe7tvP-K7M0GMKT2iFkJPUoPzd1ms0khpy4P0CFpQ2Sc-wAAIfq80rf-ZFXUh0qCYYxv08NR_dtC2HEoF19O6K9sx1ZuazZMETgm13Pz4e9mZJgTUlB1F3te3wvp_sLt6YT8pBW3-RKQjByssVi2u-kW-YfJU0bzHQfcp75hH1IXoJcZw9X_HFsYKKo5w-CprfTf19JVREwnifLc6m9EkrGRw6MkofRdxuIRvfr4j8EBvJBls6nAvdO8HNKowaWgsx2VTX4yPbGHReg8sy_4ru739ExUOT3L6dno8XV2WIumleT5H8OKXqdzpmwK2_MTVq_BmYft9UWd_TdS_pRhKRlMoAJ36EaiEX6IeAkmNFyc0LVO2DBQDHYXMEZgUVIyd5xALhfkxQVS2fDQz_kjA_j2B_GFYKj7j5SjqQ8NVHJ7h5-QkkclKot6C2JlYBuP_mJjtZ4kXLqerbY5K_7O_pmEhEa0grSw3sJaOnvlSivvFwGTKvrOalYCdFw-HAM5PX_B9lEIxazurkK5utyLMNnXaaCOy6BV6LGd_Dq_TYFsFq6Yw2J9GBM7ROZoi5yMiZJi1ky0v7z7t7jMK3RCkp29VYdBrh5aF3U42p7UpbPYHG35_BqBpxb_VrmtF-nDZ5b0uTBiqoEvb5U&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dvenatusmedia_RON_HDX_PrebidServer%26aid%3D39363111554813127848211%26rev%3Dcde9106%26pr%3D3.612%26bc%3DAAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ%253D%253D%26bmid%3D2711%26biid%3D7907%26sid%3D64%26brid%3D1665%26adid%3D11388540%26crid%3D195298407%26ts%3D1719786865%26bcud%3D4200%26ss%3D20%26dmp_ids%3DCi5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%253D%253D%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D73363%26rdir%3D
Frame ID: CA1540AF29CF4EA8C0D8C036F2E08A95
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&gpp_sid=-1&cb=67177
Frame ID: 0372DE90AD05572289A316A948D59754
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=AAABkGtJAsJ1XsXUWWGpK_CkiG0hBIQ5nCzYrw==&u=%7CFv7Snq6q1BZZfq2ZQ%2F0iz%2FQBxVWsbRNvv9cILcDo6k0%3D%7C&c1=mOd7Dh6zPV9mKlrlwmXIuWz5gKrlWe7tvP-K7M0GMKT2iFkJPUoPzd1ms0khpy4P0CFpQ2Sc-wAAIfq80rf-ZFXUh0qCYYxv08NR_dtC2HFH1OcpRgnWWOubCjYo8Lzp4J5_VoRbAUwc3sI4F6Sx27GTfFOldhBZdIkQk9KbNsXcNtG8zMtD-YDKdw2n5ecALADZDRsL7whuKuvb8k78hL3XUIatOIHzm_22BfqjxCJIK1DUXYx8xT5rmnnX9JjaJ0ZrZUx21RCVZk1vGVa6uYk24vQ2lBmonNcChEleWp_SXLH7sAK7GN4C6PJtnWC6jo6TLkKlV1__ENBm86eyY60IZfDy2dSPoJgISPiMQENa9V-d2Cpr9cVQMlLnRfQMzNir7L_d-xCB8Igz7kZaeD9AzEfgr_klX5tsgpSx8WWrORiPtIWYalH_94qLMChSLLSNxs5Kzppd_oOaFP8OWTaeQvYxSVZgqQeg0hyhqxcRILRwwjq-wLb72tz6jCkAsZ2euMdjSX7lmw3VN8dHgO9DNaU-nH9FMavtw4JRljZiCqcYL__AzBGPI6v-DmL0uXS7BffLWoPPSiA-bQ6FHw4bONNjdSDI-eYMKKySHzR1EbIrEORbYAV_k_wkebcEVBtLDvza0166PXRwIY0XSrFOhCUapM4T34PssPnUoG8&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dvenatusmedia_RON_HDX_PrebidServer%26aid%3D39363111554813127848210%26rev%3Dcde9106%26pr%3D3.612%26bc%3DAAABkGtJAsJ1XsXUWWGpK_CkiG0hBIQ5nCzYrw%253D%253D%26bmid%3D2711%26biid%3D7907%26sid%3D64%26brid%3D1665%26adid%3D11388540%26crid%3D195298407%26ts%3D1719786865%26bcud%3D4200%26ss%3D20%26dmp_ids%3DCi5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%253D%253D%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D50412%26rdir%3D
Frame ID: 1C97E8D5D0F472B4CDDD1A61834E65E2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&gpp_sid=-1&cb=78506
Frame ID: 0C39B8867D74765DEBB9BC219392A26D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIDTq8zHw9AJMhfwXMbPfaRsAE8orXYOrXG3KlmDomw1NEaG30zVhSuNnFBj-QffqlvL9ianqMU_ueX7F6CD9ZJHveVzJhuLxt0UNbQ59RSk5orEJPI9kZNcw8Jj44B4rN_KOtb0DITVZEImzpvowHTrqlLV5Y3RO0Rt0qkfxReC2nr-78RlBiGW8QXBtt4KlJF9OQ4pjhQoKbJi3CAeWTsEV0yvivf_zWZ1vlMZfPoXdGAc0CNnQFgnebOzMa_GmftWy_sEX-ftERUWBJ67KPRH8KHXiF-y_h5Z5iJma6dW8A3zWFqMe5gei72vDeMuF_ZL8t-mKKQGq3GWmZZAXKxHEGGLMW8fwnMOBVhiKh6XVXzmtqka_DSSMKElR3-TBpYaXzo2T5pOye2itmX1DH_-GWsYpO7VnCMw4eRjEiyLE8oGQxYOAlteY&sai=AMfl-YTEsXgXPiwictFIEDyDUlAvyaaLEk4I2nY7W4xXles8VXG5Yz1_jnwiqTPizsORKFjr5La-9p3-7-K92vCqkBwUiZKr4Py0Dr5XPruZp1HuWJNZ7rZke26xJ3oHkIlr1naErex78j5Swm5vVbbSDlmeRqCE4zQiUUHigFEVckVuKu4Sg--KXjXgZcclJWtFRdfWC07bAVZQQGfSyZuyF_dSgnzJ8VGDdR7WZTxyzNIxwDA&sig=Cg0ArKJSzFNg8MQHE4evEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 165D36490E8A95E9CAE78E559590CFD7
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 7DE5D36C023722A3139BB496F60A02C9
Requests: 1 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=venatusmedia_RON_HDX_PrebidServer
Frame ID: 2E64E56354D9B33931D6BDCA52A976EE
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=AAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA==&u=%7CFv7Snq6q1BZZfq2ZQ%2F0iz%2FQBxVWsbRNvv9cILcDo6k0%3D%7C&c1=mOd7Dh6zPV9mKlrlwmXIua1g3rBCPs9d9REyMlMVKNiOz8HOlEeHsJ6iinoKMhc8o2wjeGJ2lAIk3kCebAqrOtXxc5j0ut4AxU1H0qOKYDfbMRwHRH6WNP4dqy--PhrxT9l-vVYFyfh8YoyWMa3TemT14jl5rO3m_QVHskHJyY4S6LcPpnkIbqwxlAlbESru4KOScNz-lLfIiB2ZDJbTpMXtQFAhBElvQJrC4oH1wMXqCjfYGOys89nbfblYuujRCnMPjNgf40OJL0g3hwRvA9fVGCSZUDc5WYoDMPNYpCHujUSVShlaDJyD8mxQr5xxvYIwoWgyUYbnQwTpWZDpzV7KIMyUtXPw9AhnT_lHMwbC2AjImtGPRAXEXoUjaIoSNnTdjLITGbsdZbZXEUa5CQZ-aX_nunSJKFowUnryPIGtobrYVMxGFJ689mpkbg2kmlDd5d5FbR6SZucYzdMBS_3rJYdaaDzz7xO6puQbC-dPCEiJS1of4e57OlvTtuMyJegevDSuiCil8dro4fjIAt7b4Puf8nXxTEkiRGI0JP8CYg4tQ97KYXiI86ZDXrWZYgkMHf3N5F-SLXbOoBIGq21S-E_pJpZ8iUXTz8sgsj-eB4gkpqSn7iO7SmGBQBzh6tCSfFHRAhfRTD20vfAxB3ySaaHET4972aSNC3ishJ0&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dvenatusmedia_RON_HDX_PrebidServer%26aid%3D9529085240870157859950%26rev%3Dcde9106%26pr%3D1.917%26bc%3DAAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA%253D%253D%26bmid%3D2711%26biid%3D7907%26sid%3D64%26brid%3D1665%26adid%3D11388540%26crid%3D195298407%26ts%3D1719786865%26bcud%3D2230%26ss%3D20%26dmp_ids%3DCi5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%253D%253D%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D24923%26rdir%3D
Frame ID: 30FCF7011809011132465F1507B52EF1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&gpp_sid=-1&cb=11559
Frame ID: 912424DB62B3370C76A361D7BC08EDAB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6F203DC0FB894D32920FA8BE402B9272
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 713E04D9976C7A0690E374B4BAD914CA
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Ct8BSgt3d3cuZmlsZS5pb1ILYWFzLTY0Y2RkNzNaCHBiYTEuMy40agt3d3cuZmlsZS5pb_oBBjguMzguMOgCAYgD8bqHtAaoAz7qAyRjNDA0M2Y4Yi0wMGM0LTQ4MzAtYjQ1Ni1mOTFhMjc1MWUwNDaiBC5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4qgQDRENIsgUDVVNE6gUHZGVza3RvcPoFBGRjMTPABgDIBgGqBwN3ZWLKBwdmaWxlLmlv4AcBgggHZmlsZS5pbw
Frame ID: 1B5D730D1E017C814A9285824FE3AE49
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=242bc6b7-e220-4a8e-b275-d36c9fc2c508&publisherId=OZONEVEN0005&siteId=3500000651&cb=1719786865383&bidder=ozone
Frame ID: 0D49A9E4B9A833A63CF44EA4CD1D1D40
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7504EF03C7F94BAC3FD5DB151704B486
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: FF75A68693D18309BA29F08A29C55A41
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: 9F4F9C2734267B23CA2303C68006DCF2
Requests: 19 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Frame ID: 04E9BBB9142CD9CC8E3C4B3DDA136FD1
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=da751615b4715f17816d2e59386e1aed&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: 7E9EEB109D7CAF693094CC76F4948F1B
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: C3F67DDBBEFADB2AD483E941AC1A1366
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D1%26key%3D
Frame ID: 41723B7E847C9EF03CCDEA1E2949D1C7
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=18&key=I6kKARZHnh-KrvfWTt2ZrUAe
Frame ID: D8D43EFDB148387DACA255E54F5EB963
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 5344180A9EC6685F12856A64A85FDB30
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A&gdpr_in_effect=0
Frame ID: 0F77FAC1ACE1939FCF5C756B72693632
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9MTcxOTc4Njg4NDg4Ni0xNzIwMzAwNjcxMDgtMDAwMTUzLTAwMC0wMDQ1NTMmYmlkZGVybmFtZT01MiZrZXk9dWEtYmZlNDAzYWEtODA2MS0zYjlmLWJhOGYtODEzNmFlMGE5Y2MyMgISBjgC%26buyeruid%3D
Frame ID: 5FCB69C6124298DE12955934632861D5
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=62&key=47cb07ec-ef0a-5e29-b3a1-d757104e61bf
Frame ID: 5A6ECF726B7CE6E08D50EFDA50247F7D
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&ccpa=1---&key=808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
Frame ID: 54D4FDD40F314811C7848085BE66DDF8
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=23&key=99b53b30-af15-4978-902a-2a80167b294f
Frame ID: BFE738AE397F1E7163740BC8F6973B33
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: AD1D5125FBDD852631FF7338B7ECDD7E
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=55&key=5167546006793024041
Frame ID: 8EAF352651CC9866EAE4EC60BDA2C2FD
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=200&key=RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005
Frame ID: CD05780D2F7341517AF7F44FFF8D931B
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 5818E81A7D109C00CD1DA756575C14E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download | file.io

Page URL History Show full URLs

  1. http://file.io/vsSiRq5nSWrx HTTP 307
    https://file.io/vsSiRq5nSWrx HTTP 302
    https://www.file.io/kNQn/download/vsSiRq5nSWrx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

313
Requests

88 %
HTTPS

0 %
IPv6

72
Domains

124
Subdomains

92
IPs

7
Countries

3282 kB
Transfer

13068 kB
Size

313
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://file.io/vsSiRq5nSWrx HTTP 307
    https://file.io/vsSiRq5nSWrx HTTP 302
    https://www.file.io/kNQn/download/vsSiRq5nSWrx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d HTTP 307
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Request Chain 55
  • https://idsync.rlcdn.com/397416.gif?partner_uid=7c4e7b7609effd026b2016d727a03134 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COigGBIrCicIARDaFRogN2M0ZTdiNzYwOWVmZmQwMjZiMjAxNmQ3MjdhMDMxMzQQABoNCPG6h7QGEgUI6AcQAEIASgA HTTP 307
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008jCTVVoh0fN2x5rEVI3GJ_BEIj2NcZrPe3uCXDph33hg
Request Chain 85
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain&dcc=t
Request Chain 135
  • https://id5-sync.com/i/258/8.gif?o=api&id5id=ID5*jxhypmXRnkwQvqD03XNiFC5Fd22CrrnE-TTYs2d0AFSsk14CUJyqfqWDhhcFcSnV&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=4b61e104-667d-4651-90cf-d90331841c7e&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=4b61e104-667d-4651-90cf-d90331841c7e&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F1245%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=4b61e104-667d-4651-90cf-d90331841c7e&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F1245%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
  • https://id5-sync.com/c/258/1245/6/3.gif?puid=I6kKARZHnh-KrvfWTt2ZrUAe&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/258/2/5/4.gif?puid=5167546006793024041&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/258/203/4/5.gif?puid=5659a91b-4893-4052-8e4b-9033aca7df97&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/258/434/3/6.gif?puid=4071189e-3a8f-4452-a438-7ba74a6daf36&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAS_eE7NA7sAABPrfasd9Q&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/258/429/1/8.gif?puid=6BD50DD9-CA19-4183-ADFE-249F4E5428CF&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5167546006793024041&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F1246%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/258/1246/0/9.gif?puid=I6kKARZHnh-KrvfWTt2ZrUAe&gdpr=0&gdpr_consent=
Request Chain 204
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0&b=1&g=gQJgHVs3yYlumMrYytNwRmWZoS8NJfVAZKOkFbhYXUw%3D
Request Chain 216
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=b8a4102d-9c60-4f84-b8b7-370dd00c0149&google_hm=YjhhNDEwMmQtOWM2MC00Zjg0LWI4YjctMzcwZGQwMGMwMTQ5&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB9b_c-tF3UI10qQO6VX_sE&google_cver=1&ssp=sonobi&bsw_param=b8a4102d-9c60-4f84-b8b7-370dd00c0149&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=b8a4102d-9c60-4f84-b8b7-370dd00c0149&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 217
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&gdpr=0&gdpr_consent=
Request Chain 218
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907238879410232
Request Chain 219
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=77b36681-dd77-4300-83b5-9a5fcf6194d3
Request Chain 220
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=VD1qssKFVsF4nEwfqpQz9orHC3I
Request Chain 221
  • https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=nuAFk8yyCpCF4AiRzbUQwMq3WcCF4wXGzec3C7Ed
Request Chain 223
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=4b61e104-667d-4651-90cf-d90331841c7e&gdpr=0&gdpr_consent=
Request Chain 224
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=hbDjNKd6WcpVc3W83Br5KsK7hQWTjn6eL0mSjKoVO7U&pi=sonobi&tc=1
Request Chain 226
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4071189e-3a8f-4452-a438-7ba74a6daf36&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U2N4dElKT21Zb1dtZ0tsTlZ0cmlhZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELxT9POFQ4UXtc7mDIl18EU&google_cver=1
Request Chain 227
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=4b61e104-667d-4651-90cf-d90331841c7e&pubid=116da9d98c HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4071189e-3a8f-4452-a438-7ba74a6daf36 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=4071189e-3a8f-4452-a438-7ba74a6daf36 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=19f61bb4-b019-43aa-8c98-1ee7f72bf108%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4b61e104-667d-4651-90cf-d90331841c7e&ttd_puid=19f61bb4-b019-43aa-8c98-1ee7f72bf108%2C%2C
Request Chain 236
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters HTTP 302
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LY24P6VR-24-5ML&customParamenters=
Request Chain 237
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEH3eEmdqjUVI6dVjx2w_saE&dsp=dbm&google_cver=1
Request Chain 238
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=850a8f89-9b8c-416b-a7df-673193ba1fff
Request Chain 239
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=6BD50DD9-CA19-4183-ADFE-249F4E5428CF
Request Chain 243
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&adnxs_id=5167546006793024041&gdpr=0
Request Chain 244
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001719786873-6XXAS4HK-CWM6&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=4b61e104-667d-4651-90cf-d90331841c7e&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Request Chain 245
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001719786873-6XXAS4HK-CWM6 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=6BD50DD9-CA19-4183-ADFE-249F4E5428CF&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Request Chain 246
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001719786873-6XXAS4HK-CWM6&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&rub=LY24P6VR-24-5ML&gdpr=0
Request Chain 247
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001719786873-6XXAS4HK-CWM6&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001719786873-6XXAS4HK-CWM6%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D19f61bb4-b019-43aa-8c98-1ee7f72bf108%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001719786873-6XXAS4HK-CWM6%252526tapad_id%25253D19f61bb4-b019-43aa-8c98-1ee7f72bf108%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5167546006793024041&pt=19f61bb4-b019-43aa-8c98-1ee7f72bf108%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001719786873-6XXAS4HK-CWM6%2526tapad_id%253D19f61bb4-b019-43aa-8c98-1ee7f72bf108%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&tapad_id=19f61bb4-b019-43aa-8c98-1ee7f72bf108
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001719786873-6XXAS4HK-CWM6 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&google_gid=CAESECv82JKrL0-zOnyH3y4REUo&google_cver=1&google_ula=450542624,0
Request Chain 249
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001719786873-6XXAS4HK-CWM6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxOTc4Njg3My02WFhBUzRISy1DV002
Request Chain 250
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001719786873-6XXAS4HK-CWM6&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001719786873-6XXAS4HK-CWM6 HTTP 302
  • https://ids.ad.gt/api/v1/colossus?cls_id=7f914aaa-9f97-4ffe-bff0-bf0ba1290bb3&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Request Chain 252
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001719786873-6XXAS4HK-CWM6 HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=jtMniw1bYGBh&ev=1&pid=562316&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Request Chain 271
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=0&_fw_gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=da751615b4715f17816d2e59386e1aed&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 274
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=18&key=I6kKARZHnh-KrvfWTt2ZrUAe
Request Chain 275
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A&gdpr_in_effect=0
Request Chain 277
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9MTcxOTc4Njg4NDg4Ni0xNzIwMzAwNjcxMDgtMDAwMTUzLTAwMC0wMDQ1NTMmYmlkZGVybmFtZT01MiZrZXk9dWEtYmZlNDAzYWEtODA2MS0zYjlmLWJhOGYtODEzNmFlMGE5Y2MyMgISBjgB HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=4071189e-3a8f-4452-a438-7ba74a6daf36&r=Cid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9MTcxOTc4Njg4NDg4Ni0xNzIwMzAwNjcxMDgtMDAwMTUzLTAwMC0wMDQ1NTMmYmlkZGVybmFtZT01MiZrZXk9dWEtYmZlNDAzYWEtODA2MS0zYjlmLWJhOGYtODEzNmFlMGE5Y2MyMgISBjgB HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9MTcxOTc4Njg4NDg4Ni0xNzIwMzAwNjcxMDgtMDAwMTUzLTAwMC0wMDQ1NTMmYmlkZGVybmFtZT01MiZrZXk9dWEtYmZlNDAzYWEtODA2MS0zYjlmLWJhOGYtODEzNmFlMGE5Y2MyMgISBjgC%26buyeruid%3D
Request Chain 278
  • https://cs.krushmedia.com/c517e991b368016fcb5125d653c3e1e6.gif?puid=1719786884886-172030067108-000153-000-004553&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D62%26key%3D%5BUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=62&key=47cb07ec-ef0a-5e29-b3a1-d757104e61bf
Request Chain 279
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=136&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D215%26auid%3D1719786884886-172030067108-000153-000-004553%26gdpr%3D0%26gdpr_consent%3D%26ccpa%3D1---%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&ccpa=1---&key=808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
Request Chain 280
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=23&key=99b53b30-af15-4978-902a-2a80167b294f
Request Chain 282
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=55&key=5167546006793024041
Request Chain 283
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D200%26key%3D%5BRX_UUID%5D&cb=1719786886581 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8114487691 HTTP 302
  • https://sync.1rx.io/usersync/turn/4420355986258896720?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D200%26key%3DRX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=200&key=RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005
Request Chain 284
  • https://x.bidswitch.net/sync?ssp=themediagrid&user_id=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=b8a4102d-9c60-4f84-b8b7-370dd00c0149&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257
Request Chain 285
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=24&pid=59c9148628a0612da3689288&key=b8a4102d-9c60-4f84-b8b7-370dd00c0149
Request Chain 286
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGE3NTE2MTViNDcxNWYxNzgxNmQyZTU5Mzg2ZTFhZWQ=&gdpr=&gdpr_consent=
Request Chain 287
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=da751615b4715f17816d2e59386e1aed&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume36ef_7388117423431298763&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=null&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4b61e104-667d-4651-90cf-d90331841c7e&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAS_eE7NA7sAABPrfasd9Q&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGE3NTE2MTViNDcxNWYxNzgxNmQyZTU5Mzg2ZTFhZWQ=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEElyvBW59ttvZgcVim5I8Oc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/da751615b4715f17816d2e59386e1aed?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-won5IZBE2oP_kDd7YghSqzSozRVTq9GiPnAA9kAW~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=vMkTlLzJ1So37R5
Request Chain 288
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=da751615b4715f17816d2e59386e1aed&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request vsSiRq5nSWrx
www.file.io/kNQn/download/
Redirect Chain
  • http://file.io/vsSiRq5nSWrx
  • https://file.io/vsSiRq5nSWrx
  • https://www.file.io/kNQn/download/vsSiRq5nSWrx
373 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93a57aba9610c7dbf929c7978f9529890c32c01982d90ae75c6445c9a3e0fa58

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, s-maxage=86400
content-encoding
br
content-type
text/html
date
Sun, 30 Jun 2024 22:34:25 GMT
etag
W/"b14b83ba0436ba886b73df37bb6eab3e"
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-cf-id
Hkt7LxFEFuDW4sc_Jl5s_4Zf8j1MbGF-x06A8NShVvM0miJNjihTsA==
x-amz-cf-pop
JFK52-P5
x-amz-id-2
SRWYNqfzPZ4NINnFQLumkEJ5gHMiomzD9/Xm4iX7dvbAJOA3jwtgCTwZHdkMFkDYAaCrxVhIm2vEyjBzlvDlCdqkwdHa1nRR/P2ZdrqnPn0=
x-amz-request-id
5TA59F7RW8GWTWPN
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
Connection
keep-alive
Content-Length
136
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Jun 2024 22:34:23 GMT
Location
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Retry-After
1
Strict-Transport-Security
max-age=15724800; includeSubDomains
Vary
Accept
X-RateLimit-Limit
1
X-RateLimit-Remaining
7
X-RateLimit-Reset
2024-06-30T22:34:24.850Z
ad-manager.min.js
hb.vntsm.com/v3/live/ 		143 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.251 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
185-93-1-251.bunnyinfra.net
Software
BunnyCDN-IL1-1029 /
Resource Hash
862831ec6ae883ff7d7ca6d9a0ab56daf485c4a01612b964feae4a0d85b9e9a0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
cdn-edgestorageid
941
x-amz-server-side-encryption
AES256
cdn-cachedat
06/27/2024 16:53:05
cdn-pullzone
131999
last-modified
Thu, 27 Jun 2024 13:41:14 GMT
server
BunnyCDN-IL1-1029
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"44372ace6f6270034664b63ca91ba4ab"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
a8cd63c28e5d31d1a8fd4202dc38b392
cdn-requestcountrycode
US
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		285 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7437ba35f0e3dae66bc90e8393f5ed55c5d04ec0cd0b743b26fa1d32a92ad857
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99847
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 22:34:24 GMT
app-ce1c3df6a1080a0c9f36.js
www.file.io/ 		759 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Dec 2023 10:34:14 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
44VA4BJG4CSTX095
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
16027211
x-cache
Hit from cloudfront
x-amz-id-2
abGnmd0I1VhPWTDT48bU604G4Lx/NJN31iN42sOWkgXdbzZenSQRIDJiZNRGa/zgNDvFNgQr0Q8=
last-modified
Tue, 21 Nov 2023 16:38:06 GMT
server
AmazonS3
etag
W/"ee554025a765570fd938eaf7853e81ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
PGx2CyUcVN370T6H7zhFKoputD6PXk8pUwm8s_r5tpFrK9wFMweItA==
0eceb729-3d23d92b83ca9772b679.js
www.file.io/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/0eceb729-3d23d92b83ca9772b679.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Dec 2023 11:13:18 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
ZP20CRB81B62BW3M
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
15852066
x-cache
Hit from cloudfront
x-amz-id-2
ko55a+QlOsat9omVQJK0Sg6p0IdAcWZi9gYqQTfxfKpfMuYzAYiWRV8wbms85I/biLqdaad9W3o=
last-modified
Tue, 21 Nov 2023 16:38:01 GMT
server
AmazonS3
etag
W/"0a3f35f6211feffe573a08f983c2a35a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
oNhQNmnIBEFd5UMVa5tt9XKjtPP8IaKjmbnvtgz2v47DbOwvlV8UXg==
d6a9949e-c7fb26743b3df7c3d4f3.js
www.file.io/ 		48 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d6a9949e-c7fb26743b3df7c3d4f3.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 Nov 2023 16:38:38 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
W1DM2687ZHME3GH1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
19202146
x-cache
Hit from cloudfront
x-amz-id-2
gTt+B0osSQqw/5q+otDs44vRMLZ2mWoE3aWLvlHIDyZg0QvqRgRuxMUwpx6jQPZO2C/BxFJAh8kPZySlcyxj7g==
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
etag
W/"8be798e491d64c90fb2668c241136d27"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
r6SuLJN5CH84vUohDXMOdGwEq8L5Ys-L4saddsKwY-Bfizj_GllDRQ==
e82996df-418a0be62c8cbbb8c8af.js
www.file.io/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e82996df-418a0be62c8cbbb8c8af.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 18:17:28 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
WCBX8D8Z0YPBQ1ZN
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
6668217
x-cache
Hit from cloudfront
x-amz-id-2
Tzsf7rENXnJSBuWY8Od8YTsfhpN4uRIOiucIoR8M89ZJPWCtyVdVuoWmlBr5Fx/eIUX/pqg+kNk=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"41f1589b5b330e89885e93dcec06328c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
pEgqZWzgidG2kIJwP7cTIksxkcvXCEC8RAS_cHK8-uQJdKAMeHpTSA==
framework-2e81d87b28ccd7c06c04.js
www.file.io/ 		145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/framework-2e81d87b28ccd7c06c04.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Dec 2023 05:31:46 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
VZSVTRBBWBPSPDA8
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
16563758
x-cache
Hit from cloudfront
x-amz-id-2
936UD7uNrzoZj95sY0I5jl3hPqom9bYjlg2d0Bbw4AVgSeeNCSkTirXbWmx577COrz/J6cZpnDo=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"d57e42a527da656114d580605cefa13e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
61frCfZ1Cz50DRZlkG9lu-4L_H7hLsNg-hzJGRXimTh0lXXzwNBC6g==
webpack-runtime-71df933e5e48a5ef88ea.js
www.file.io/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d37e09a9d86650a49b5dc628252f6d2f8cdde7aaf663a360a26ab64dc8d3e5cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 08:07:38 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
41Y38YDYDM9RB7C8
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
743207
x-cache
Hit from cloudfront
x-amz-id-2
vxzPMomWHBhlYVAICi0/tE7VGUw8SeioaGV3Di+Ns25R+ajH4ebdRg6smz6p7j2VzKixfBp+E0eP8wN46ObkvtwlFzaEq2GkryAUFB7+Bw4=
last-modified
Tue, 21 Nov 2023 16:38:15 GMT
server
AmazonS3
etag
W/"7cfe5fe97ffcc13e6e9a15122f587d3e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
-WxYlpWjbc3sggsrji1TpZZLGeGMmVA8YobTjeyqsUvxde67cXnNtw==
app-data.json
www.file.io/page-data/ 		50 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/app-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
003ebef3df0e3f053e8c9535b204beb9ed81b8d47dbad9d0551490c5ba754149

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 14:40:03 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
RAVA6SA4PJ7780RH
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
28462
x-cache
Hit from cloudfront
content-length
50
x-amz-id-2
Tx7x6wbReFYX9BbcNccwfiG8ISk44yFjvqt2CliPtBo5uQj7VxrPaXPWaa2vRtv8CR7QHkbjiIw=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"6b7f5842f65c183f487bba9ca61c4677"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
fm7Dg3BKgWMoDqyRyEKbdkhkXDWFwVptKyOnsY1V-7IyJOPXPy1EXQ==
page-data.json
www.file.io/page-data/downloadStopGap/ 		208 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/downloadStopGap/page-data.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 07:21:41 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
56W5SJEW7CBCPRVC
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
54764
x-cache
Hit from cloudfront
content-length
208
x-amz-id-2
bRbMiw0JoYygwIWBUnWkpYcqwczSqXo5PAbH7W09F5Go7pk/vohg1gApY6Ds64IFOsOZJsX2btmb7MmbW0kaMA==
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"a2bc2e30a9725de62058caf12cd11a0e"
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
jJ71qPxg2k9RWE95qt2i6u1fWptiGsgvI6N6djwHVF2JziY0ix9fOg==
6357fe75b1abda701427d92a.enc
hb.vntsm.com/v2/live/ 		35 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6357fe75b1abda701427d92a.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.251 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
185-93-1-251.bunnyinfra.net
Software
BunnyCDN-IL1-1029 /
Resource Hash
d3b002436aee6955d8a1bf81271b370dc0d7d374d1983a962c46853b27128649

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
cdn-edgestorageid
871
x-amz-server-side-encryption
AES256
cdn-cachedat
06/27/2024 16:54:41
cdn-pullzone
131999
last-modified
Tue, 11 Jun 2024 09:32:37 GMT
server
BunnyCDN-IL1-1029
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"98b3ecacf63a1ee6b8528e28bc2640ac"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
0caa437158c7784645a63845bace4934
cdn-requestcountrycode
US
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
c16184b3-95b4c1d4f88fa26cbedb.js
www.file.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/c16184b3-95b4c1d4f88fa26cbedb.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17712c90e8473e3a5c2f70a4399e79ba0687d7be77d3aa642870f27a1c13da94

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 Nov 2023 16:38:39 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
ZTM28XBK127WQX6G
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
19202146
x-cache
Hit from cloudfront
x-amz-id-2
VWbyMvjcMqfHA4EdcQeu78eXI3Zse5ajXEYeHScA6S6tLeUjOeEgsIZIYvcCTorWPKprzXHIUHw=
last-modified
Tue, 21 Nov 2023 16:38:06 GMT
server
AmazonS3
etag
W/"99a1550c7fd59aef33e8474b7e4d41c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
d7LU8_q_Q43QyiYbnRKoNHoQ3BBcgje80N5V5LPVOyWZnL9g7AjjQA==
2cca2479-b6c05be52437560faaee.js
www.file.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/2cca2479-b6c05be52437560faaee.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3148b503996601811f2abcc09d7309d321d02d144c93243b4b914c00b36d87d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Dec 2023 10:02:40 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
D96K0A13CPANHQ4R
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
15856305
x-cache
Hit from cloudfront
x-amz-id-2
+jXmsHIYCLCoQe096jt5/NzbnanJFWZ+Ev+jVqFR5deetQV06rcv1TpAyjBY2WDZsuamLTA9WcY=
last-modified
Tue, 21 Nov 2023 16:38:02 GMT
server
AmazonS3
etag
W/"6cd7fa0413645d437f12b65c8ca4d4bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
pmxKD_XblCxV8giNKmLCJAhymyMGJdmwMs-6UdDR4AYZLZnxYgDooA==
7ae2231b1295f47744064cafef681eeeabdf28c4-015e1d1647a984681642.js
www.file.io/ 		117 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/7ae2231b1295f47744064cafef681eeeabdf28c4-015e1d1647a984681642.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9d0a668bbfb705e317d51bfaabf290c28cca253877bc8ca0885af764860c945

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 Nov 2023 16:38:39 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
ZTM73K4NMTMD4Z19
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
19202146
x-cache
Hit from cloudfront
x-amz-id-2
Eu8fbE1VMIsIMwxRdlvFr70bcGfqKn40Js6vf6ll60vn+Xt3Gs3FikhxkyTHp1f3FJSyOVdNTE8=
last-modified
Tue, 21 Nov 2023 16:38:02 GMT
server
AmazonS3
etag
W/"1d960a13eec23d962cec4d1fb874ad24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
8ZJJJ9tPc-sPSTx_42zPO6vahj63gNLTES5hTJIpx0o1ZOtEuPsOvQ==
d586fea45c8a80d9eaecf1d04f964b1ca23e203e-2e7296bc1aadb7b4e547.js
www.file.io/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/d586fea45c8a80d9eaecf1d04f964b1ca23e203e-2e7296bc1aadb7b4e547.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc77dc77f2acb1d2781f3d6a45131816596a2f47f90eb52bbbda7ff6dc22697a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Dec 2023 05:31:47 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
NXKJ4P1W13MGWTQ7
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
16563758
x-cache
Hit from cloudfront
x-amz-id-2
zQ28OkXsByiwn2ytTZhf46YLMi+VSh0lxIEhxHY+t1hU61sbrJf3Sm8nmxBr935fVmloDzgS7JyyFsWNCgRxkPDklj1i2EC+MyjDJxQbr24=
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
etag
W/"22cfddc9a580e0d98dc0542be850ee73"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
-BvdmOcWyMR8BriJNLHDGYerOeBejAW858yYoqv9_hBiwhStFK3eAw==
71836864b7a2066d7d874ab5eea3f7769b0144c3-ebc51d1e381ba863cf3d.js
www.file.io/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/71836864b7a2066d7d874ab5eea3f7769b0144c3-ebc51d1e381ba863cf3d.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9aff67207c751e2410d82062275cbbce494d88e6a054b36eeb65fea942b92244

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Dec 2023 06:29:18 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
J3A5TCRKCPCT4BWV
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
15782707
x-cache
Hit from cloudfront
x-amz-id-2
XXNrJWdaX14UDARGQOPKJ3+wCJQrfxiqoTIqzxBIpIoG7lx8cZMYHAJfCTyw21esuHNxXKFTOFg=
last-modified
Tue, 21 Nov 2023 16:38:02 GMT
server
AmazonS3
etag
W/"fd22536429ef564a589e257edba4bb43"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
MLOPNCqV7YeWQCIicx0Hw9J3LmIRooma329CJt-DvRuqRZ87qYEPxQ==
ed516ccec82792e61eba5551e335b957b2d7d02c-a82720e411859fecd019.js
www.file.io/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/ed516ccec82792e61eba5551e335b957b2d7d02c-a82720e411859fecd019.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41cee572622e55c51a0229bd489312e2b9bcc0ac84d8001f4527d2cfc9700fb7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 Nov 2023 16:38:39 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
ZTM5KMS5XW5T8S1D
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
19202146
x-cache
Hit from cloudfront
x-amz-id-2
j36WjgTgqmsiPBnpMvF9bdDtPSzFJs5dIymcxpFOJ1NxUX1ev1M91t+07Q64KhbV/1V23lNr/UVWHvdW0ilPx8YWLxWx3Z+ZeVQbPThHeCg=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"96772a03733ad2ba49633ced27df9c55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
-wM4HmJIf-zJM2ljVvEw2SA2YPMYm8rv-UmFSmlFDaIIXqTlUCVmmw==
e98b170d240584cc273f592e36a9137245db2ee9-cd7fe7c06c1b5b4a3f14.js
www.file.io/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/e98b170d240584cc273f592e36a9137245db2ee9-cd7fe7c06c1b5b4a3f14.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62e078598c7c6f18e612a42a47e3daa3d56ee6825cf9ffcd1111f144b9b1a00a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 06:15:00 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
BR30FMYQ3HGFP9V0
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
4292365
x-cache
Hit from cloudfront
x-amz-id-2
F06A0UmQc8deMOdVvikFi87IaXbEJQgZH7y54AshZwDvWU0JlucfAr6l2X3OkoUCFJFfRdnsRMU=
last-modified
Tue, 21 Nov 2023 16:38:10 GMT
server
AmazonS3
etag
W/"6fc5a2a249a3590c4d95bddef5750e19"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
8_WB5wWDcLijpVsMAC7PtL6AozmxmLYVp8E361cLDhcv23uaNrMwrg==
03f9af1d91ffaa672a221f7c6442c75365c47a72-67f8c2204fcb87f4fd41.js
www.file.io/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/03f9af1d91ffaa672a221f7c6442c75365c47a72-67f8c2204fcb87f4fd41.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16dc6c08d1383ce96476fb0b651b79fbe89529d601bead76f00321c7d021104e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 13:47:28 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
Q2B6BB51QXER9BV3
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
1759617
x-cache
Hit from cloudfront
x-amz-id-2
McwUSsMvoRiz0lMkb43Bn9qm6YVHrX2bHRRjQcwsUtQobBkexMjTkJQmsQsW+aGe82OT1gj7tIA=
last-modified
Tue, 21 Nov 2023 16:38:01 GMT
server
AmazonS3
etag
W/"fe794b04548676b5edd051217791b3d5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XlNaPW4EsF3HUmBUwm7m7n1iblR0WHpT3nJoCr9l7Bja4ncHfdfIBw==
component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
www.file.io/ 		484 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-download-stop-gap-js-176f1428224f4956c814.js
Requested by
Host: www.file.io
URL: https://www.file.io/webpack-runtime-71df933e5e48a5ef88ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jan 2024 09:23:02 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
K0NSSKQKR26F5ZFH
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
15253883
x-cache
Hit from cloudfront
content-length
484
x-amz-id-2
8NlESvJysDv8ObsrB+flxE7Y74ScNnXWzxw5nIPzJVDSVj2wKRasderExQJRF5o26Eji1Gv9U4w=
last-modified
Tue, 21 Nov 2023 16:38:07 GMT
server
AmazonS3
etag
"9525d851171232c1012a3a1b9795a681"
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vV1Dz3-PV4W7UCxXORkIUpCCe52UEA85f5OCbdyjJrceCMRZQIyDyQ==
1655680770.json
www.file.io/page-data/sq/d/ 		447 B
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1655680770.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 14:41:06 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
RAV9FMHPNJ3A76MJ
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
28399
x-cache
Hit from cloudfront
content-length
447
x-amz-id-2
9RqEWqzwQEBqiYduBxX0RFEPJUhz91VdMYSWhtqRwA98wwSaYnjsKcjRYZv9kE87MaTcWGTlFXM=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"c839c57483bd5d788408e7fc88e7cc8d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
XCpycwcAI8RHtQ4MCVc_8TVVXyLAg31JfVLPGR321_bnHrzlt4O-8Q==
1810866655.json
www.file.io/page-data/sq/d/ 		2 KB
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/sq/d/1810866655.json
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 06:40:01 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
21BX62E85DR1J74E
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
57264
x-cache
Hit from cloudfront
x-amz-id-2
EMd2t1SfStaqiatgmsr09w5GP5/nixUmiYk4f1GiTqUMF5a2Z4JPMd/G0gc8s6SWFWBS+p03Hv8=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
W/"7bb0144e136507cd9bfbaceb72189d09"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
x-amz-cf-id
8QvOxPpireIVvtBiAURbYDfaeNu6duEf_Vm8Ur4Zlu_32lBpC2QyYg==
js
www.googletagmanager.com/gtag/ 		205 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65658019-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fabbf870587c20b6062a17691e53f7f443268bb45484b8b387ab6c19b8a9db2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75594
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 22:34:24 GMT
content.html
hb.vntsm.io/ 		32 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
cf-cache-status
HIT
x-amz-request-id
CR2CRMEYZEMW7SYM
age
6761
content-length
32
x-amz-id-2
56cptFxgC+Nxkjn9QxGIZLv8IiD37rl04QuV1rxa4xXpBPApk42nOQxLoO0Vwe78AisyfTuJMP4=
geo
US
geo-subdivision
US-NY
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c19f9eab921770-EWR
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 22:34:24 GMT
Via
1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version
1.1
Strict-Transport-Security
max-age=300
Age
6341
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
X-IP
138.199.11.114
Content-Length
0
x-amz-id-2
UU9KzWMlBNA7mwQLY6Svc6/cWyHA4ZVxrX9SXQBOovyjgbyCjr0woPGySIXI47kLfkRFATzMmhfNr1LV8yC32oet0kR4nEcm
X-Served-By
cache-dub4333-DUB, cache-ewr18144-EWR
Geo-Sub
NY
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
X-Timer
S1719786864.410921,VS0,VE0
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo
US
X-Cache-Hits
37, 191
Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
www.file.io/static/ 		317 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file.io/static/Inter.var-c2fe3cb2b7c746f7966a973d869d21c3.woff2
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Dec 2023 11:43:38 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
AYHKR8GE22ZH0QJ4
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
15850247
x-cache
Hit from cloudfront
content-length
324864
x-amz-id-2
9blKZBczbMNARjkFp+AOKEYL63clwZ181UFAmIN2EyoXJJ6aiFzlY3D+Gc0oddmkmmyWS6VBUVg=
last-modified
Tue, 21 Nov 2023 16:38:14 GMT
server
AmazonS3
etag
"8dd26c3dd0125fb16ce19b8f5e8273fb"
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
n6sl6qYmvDgmNjYvDwLg6BgC1xKbsphEMrGkApijQrznMoFB_bRCsw==
metadata
file.io/vsSiRq5nSWrx/ 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://file.io/vsSiRq5nSWrx/metadata
Requested by
Host: www.file.io
URL: https://www.file.io/app-ce1c3df6a1080a0c9f36.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.55.107.24 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
3ce3a46873787073321f6a9d295a7f812911dec677e61a2bd371fbf5568ccbe9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 22:34:24 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
ETag
W/"23a-HCSwehkEp0TlAQAE7ziVXH09vCc"
X-RateLimit-Remaining
6
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,PATCH,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset
X-RateLimit-Reset
2024-06-30T22:34:24.838Z
X-RateLimit-Limit
1
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Authorization,Content-Type,X-reqed-With,x-requested-with
Content-Length
570
Retry-After
0.361
ad-manager-bundle.min.js
hb.vntsm.com/ab/live/fatum/ 		1 MB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.251 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
185-93-1-251.bunnyinfra.net
Software
BunnyCDN-IL1-1029 /
Resource Hash
1b15244213ddd5961531ecee7af97945eefb265dd4c5d6229e94ed03d6e09a13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
cdn-edgestorageid
1068
x-amz-server-side-encryption
AES256
cdn-cachedat
06/27/2024 16:53:06
cdn-pullzone
131999
last-modified
Thu, 27 Jun 2024 13:29:17 GMT
server
BunnyCDN-IL1-1029
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"943e07e99482cd7a9079c869782b350d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
f2e977389f1ea78238a30f9d73494fdd
cdn-requestcountrycode
US
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KDJB5247JB&gtm=45je46q0v9119119180za200&_p=1719786864120&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=641649692.1719786864&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&sid=1719786864&sct=1&seg=0&dl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&dt=Download%20%7C%20file.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=false&tfd=674&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJB5247JB&cid=641649692.1719786864&gtm=45je46q0v9119119180za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJB5247JB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65658019-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Jun 2024 21:59:54 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2070
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 30 Jun 2024 23:59:54 GMT
collect
www.google-analytics.com/j/ 		2 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1845988397&t=pageview&_s=1&dl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&ul=en-us&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1915607221&gjid=1781551339&cid=641649692.1719786864&tid=UA-65658019-1&_gid=1261001861.1719786865&_r=1&gtm=457e46q0z89119119180za200zb9119119180&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=1974148046
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1845988397&t=pageview&_s=2&dl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&dp=%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&ul=en-us&de=UTF-8&dt=Download%20%7C%20file.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=641649692.1719786864&tid=UA-65658019-1&_gid=1261001861.1719786865&gtm=457e46q0za200zb9119119180&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=1164452393
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 22:35:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86351
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-65658019-1&cid=641649692.1719786864&jid=1915607221&gjid=1781551339&_gid=1261001861.1719786865&_u=YADAAUAAAAAAACAAI~&z=513234189
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 22:34:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 335C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.251 Chicago, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
185-93-1-251.bunnyinfra.net
Software
BunnyCDN-IL1-1029 /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-cachedat
06/27/2024 16:53:05
cdn-edgestorageid
871
cdn-proxyver
1.04
cdn-pullzone
131999
cdn-requestcountrycode
US
cdn-requestid
960bdc812689ea8b5ca1f4abde39e563
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding
br
content-type
text/html
date
Sun, 30 Jun 2024 22:34:24 GMT
etag
W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
server
BunnyCDN-IL1-1029
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-bl
0
px.gif
ad-delivery.net/ 		43 B
898 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1406771
x-guploader-uploadid
ABPtcPof8oVZy8f-YawZYTApO5mAq3xTkpTgU5AAGDdN2ngyWVPi1E3pZwAWofBj9c1HY-4-Yxw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWsOtJJitI1wqyYEbPfBm4EYTjQfXWoA4%2F7V4kwlUTjffNrKt6QAXJcSepayuitaV6Dxndgw1jWbUJZ5a0NBRYCNr2tmu45NcpHAs8yy1Ez%2FUvG89pDEy8gRiheUs4NGrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
89c19fa0389732d0-EWR
expires
Mon, 01 Jul 2024 22:34:24 GMT
script.js
cadmus.script.ac/d1oykxszdrgjgl/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14e1d2d6a28bc45adc3582de9fa60440e534f3aed78eb56dc88109fa3fac033

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 17:11:36 GMT
server
cloudflare
age
0
etag
W/"6e3c0111469fc2e4d6ec11b2953056688cdba2f1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
89c19fa1da324244-EWR
apstag.js
c.amazon-adsystem.com/aax2/ 		310 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:38:37 GMT
content-encoding
gzip
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront), 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 23:08:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
3348
x-amz-server-side-encryption
AES256
etag
W/"ba6b386e5d42265c831a1ba06f75f187"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
gf1L83fNBNIb1jM7j9qVew8CTNusq67sVQBnc2Pctp5nXKQQVpyQEg==
static.min.js
cdn.exelator.com/build/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exelator.com/build/static.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-61.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
13EhbDJXZCAdYoXnSII.9TQPnQd89SiV
content-encoding
gzip
via
1.1 7737ef6f12229d4564d45a2b0c059e2e.cloudfront.net (CloudFront)
date
Sun, 30 Jun 2024 09:30:30 GMT
last-modified
Mon, 05 Sep 2022 22:25:32 GMT
server
AmazonS3
x-amz-request-id
M769FVBPTQ8GHQ9G
x-amz-cf-pop
JFK52-P3
etag
W/"a427037ef1482423da13ad8bf262d61a"
age
47080
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-4H96DtqGZcC9-fllDAQT_7e_YcHv43HAEi757CP-VTwDwrR6ODTKg==
x-amz-id-2
4s4gWnYukqVU5DKa3oU+eajg/Wquigrq2+8Dd5X9ZX83yTo/7R0w59s2yDkNkv3dY8omooDhAVI=
px.js
p.cpx.to/p/13058/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/13058/px.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.120.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-120-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1496cea08e7ac44104efe649a470e218e418b6a591d4d8442029bd72cd51e764

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
cache-control
public, max-age=2419200
content-length
4756
content-type
application/javascript; charset=UTF-8
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.67.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 07 Jul 2024 22:34:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
a0c5fd9a868bc9bd662e0dbd696fbe93a21d99790dc593e772440a1a2fc00901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31480
x-xss-protection
0
server
cafe
etag
988 / 19904 / m202406250101 / config-hash: 14127960895537280856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Jun 2024 22:34:24 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 30 Jun 2024 22:34:25 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
mydmp.exelator.com/on-site-tag-load/
Redirect Chain
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
951 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Protocol
H2
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
1a33db5f8a4f01546026230077598c9d2b4892a33089f5927f1402c506d2d8e2

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin
https://www.file.io
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache
access-control-allow-credentials
true

Redirect headers

date
Sun, 30 Jun 2024 22:34:25 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
access-control-allow-origin
https://www.file.io
content-type
image/gif;charset=UTF-8
cache-control
no-cache
access-control-allow-credentials
true
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-59.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
abce51476c992eaaacd53b9b0f4ef97b8d9ceaacad89e706a3bde801ed30e6e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:44:08 GMT
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
3017
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
b89I8guR-lvfvA9FiaCdA5jx11F93IQcSHYMBPppUH1hH-pnphaGFg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.file.io&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 19:47:19 GMT
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
10026
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
gJCaGwtRuuQsfSfXT_lwB-MtXaxmdfA1epMCHVSIa1Kh3uVoFIO_-w==
bid
aax.amazon-adsystem.com/e/dtb/ 		176 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&pid=oyPBk9SkwQvm3&cb=0&ws=1600x1200&v=24.620.1905&t=3500&slots=%5B%7B%22sd%22%3A%22637370d898fb531abee85aab-1100%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_637370d898fb531abee85aab%22%7D%2C%7B%22sd%22%3A%22637370bb889c301e8e7ad53d-1101%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_637370bb889c301e8e7ad53d%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&sm=efc603d8-5f00-41c7-9c9f-2c8a668a3eb5&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D&_c=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.58.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-58-231.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
d3a907d4b0f9a39e4a48b6599399231a99ad394959ee4e7ce781ad7ae3701950

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
176
x-amz-cf-id
A6ba7BZmuoXrJG2bkpebco3JwiN8nzfX97Jiit9uTTHJJM-brI8Qig==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
date
Sun, 30 Jun 2024 16:46:11 GMT
x-amz-cf-pop
JFK50-P3
age
20895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZmjEKRCEf39SyYabqlC3frk_1JhbNMHs5E7NTF_kVblU_onofm5s8w==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.2.36 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-2-36.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 30 Jun 2024 22:49:25 GMT
hadron.js
cdn.hadronid.net/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&ref=&_it=amazon&partner_id=288
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNMNHQXA94JVW78
age
1466
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
cf-ray
89c19fa2eae57c78-EWR
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
expires
Fri, 05 Jul 2024 22:34:25 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
D96RMKAYJ28MYGA1
age
3595
x-amz-server-side-encryption
AES256
x-amz-id-2
Ou3AmhmemQMoNsPp1ceyldUF6b7NGPVhGj72ZWdDU15UcwzKhEd7wZthn8Ar7mEooIIpkEnGd/o7oU7oRKAYpctoPNkoTdbL0YITmH/94os=
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
etag
W/"7549ecdacdd2ca9502744f648799d58a"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
89c19fa2ee9c7d0b-EWR
expires
Sun, 30 Jun 2024 23:34:25 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.2.36 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-2-36.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Sun, 30 Jun 2024 22:49:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/ 		466 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 19:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
9861
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148619
x-xss-protection
0
server
cafe
etag
15197200631174858937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 30 Jun 2025 19:50:04 GMT
log
onsite-tag-logs.apps.nielsen.com/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://onsite-tag-logs.apps.nielsen.com/log
Requested by
Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.40.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-40-84.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://idsync.rlcdn.com/397416.gif?partner_uid=7c4e7b7609effd026b2016d727a03134
  • https://idsync.rlcdn.com/1000.gif?memo=COigGBIrCicIARDaFRogN2M0ZTdiNzYwOWVmZmQwMjZiMjAxNmQ3MjdhMDMxMzQQABoNCPG6h7QGEgUI6AcQAEIASgA
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008jCTVVoh0fN2x5rEVI3GJ_BEIj2NcZrPe3uCXDph33hg
44 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008jCTVVoh0fN2x5rEVI3GJ_BEIj2NcZrPe3uCXDph33hg
Protocol
H2
Server
18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-87.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:28 GMT
via
1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
cf2--yqRMU_Cs-3XcS8TUibzyu4A3n4eBNZ5vOzGur3ryXdw_ZZqYA==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Sun, 30 Jun 2024 22:34:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008jCTVVoh0fN2x5rEVI3GJ_BEIj2NcZrPe3uCXDph33hg
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
nmcsync.imrworldwide.com/ 		35 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmcsync.imrworldwide.com/?xuid=7c4e7b7609effd026b2016d727a03134
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.208.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-208-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
strict-transport-security
max-age=31536000
max-age
0
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
content-type
image/gif
p3p
P3P policyref="http://nmcsync.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
35
expires
0
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=7c4e7b7609effd026b2016d727a03134&p_id=28539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
74
date
Sun, 30 Jun 2024 22:34:24 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
b6f1de0d9b0f883c
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
70fcf3a40fdb4839882fa8433a29ac4b7167adc30287d1d385e87287261d4236
content-length
43
edgekit.min.js
cdn.edkt.io/rNn9xk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15092c79f371f7c16724c48298236db2e845980777554f304640224b08f68d8f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 03:42:09 GMT
content-encoding
gzip
age
67936
x-guploader-uploadid
ACJd0NoPa9nbE5nLkLjJIYKyiRA3YjOFQNIpXCYPe8sZedg0uGmG72e21SaetFipV8BlEU2W4pB-f7SO
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7644
last-modified
Thu, 27 Jun 2024 14:53:15 GMT
server
UploadServer
etag
"a43de6cc22790d4013b5480a3e1dca98"
x-goog-generation
1719499995666970
x-goog-hash
crc32c=PklF3w==, md5=pD3mzCJ5DUATtUgKPh3KmA==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7644
accept-ranges
bytes
expires
Mon, 01 Jul 2024 03:42:09 GMT
localstore.js
script.4dex.io/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 22:34:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 26 Jun 2024 15:51:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
369653
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JL7jRe0oDUbvkIH1ulr%2B5Y1C5gYTuPrh04EhQnAH3p9X%2BzjyC85lTCWTFgOujF6%2FgvUqm2Vgmo%2FP1FTwT6l28QOen6e0nYCXd5Sh9MEegUtJe5cb38C4hLsfij0r6MJU"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
89c19fa33a97423f-EWR
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.131.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:25 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		23 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ed5f496f0622d4077d28e7faa4143f8e96556684d16623f3e9c01a0d3d499544

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
elb.the-ozone-project.com/openrtb2/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dad8fd1c5b9b9e72a5b6a8800c4a020732319fe258df1528262691bb5e2cc7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
89c19fa34cdc8c2f-EWR
expires
0
c
prebid.a-mo.net/a/ 		964 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ae9cce9feff9a918079fbf000ca8e0117b251fb3a9ec9a5c35a1ec9f084a42aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
58
content-length
485
v1
prg.smartadserver.com/prebid/ 		22 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.148.2.48 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip48.ip-135-148-2.us
Software
/
Resource Hash
54f24f2f2872bf3847fd19cb57c2ab27579891add4480d5452cb41c1f3b3531e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		22 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.148.2.48 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip48.ip-135-148-2.us
Software
/
Resource Hash
adbeada8c01262462b628a6868bfe065dfcf881fb1906ed2ba9479e4e58a09f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		484 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
cc98cc677b4c61d9355e20e3dcc9e4951077ad6fef064274e59692c7ddc9dede

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
323
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/ 		766 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
2011648ca1a9842507fab6cb7e04703a2ddb176d0828afb61f108176f2b43831

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
438
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/ 		805 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
4637d1b705d205538a0da9fa75d7b0d161ccaef6b8f490c8e8f39a19ef5024a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
449
content-type
application/json; charset=utf-8
v1
btlr.sharethrough.com/universal/ 		850 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
f63960e229b698e2cae4fde25c325448f9cb8764d89bd01eae1935c36ef2a8cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
access-control-allow-credentials
true
content-length
501
content-type
application/json; charset=utf-8
trinity.json
apex.go.sonobi.com/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2224b3a465041a6ff%22%3A%225c3986d1c2b45d45777d%7C970x250%2C728x90%2C970x90%2C300x250%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&s=593cb8ef-9de9-4278-ae17-f3724c83b883&pv=a1692e88-e601-4078-89bd-22377a4bc0dd&vp=desktop&lib_name=prebid&lib_v=8.38.0&us=8&iqid=%7B%22pcid%22%3A%22729d9282-1057-4e54-92e1-f4343fff88c0%22%2C%22pcidDate%22%3A1719786865141%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22file.io%22%2C%22publisher%22%3A%7B%22domain%22%3A%22file.io%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22242bc6b7-e220-4a8e-b275-d36c9fc2c508%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
2c7f27b038b4586c8a83a8371f83f2b94964056988ac5994a7345785460924bb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
542
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		254 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
284f79d739255f4afadd904e2e0d73db0fd83ba3d817f6142ba57d5253b71082
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
an-x-request-uuid
532d0800-2c43-4cb9-afca-211102a1cb1d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.11.114; 138.199.11.114; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
254
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		16 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.38.0&referrer=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
f2c6f76872060ce9794a05714c3f1f9655763d9ccb59a7af5dc10ade7b79291f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
zstd
observe-browsing-topics
?1
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
4508
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
500 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&PageUrl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&PageReferrer=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.197.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-197-229.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
6
content-length
0
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.2.36 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-2-36.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Sun, 30 Jun 2024 22:49:25 GMT
hadron.json
id.hadron.ad.gt/v1/ 		102 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.file.io&url=https://www.file.io/kNQn/download/vsSiRq5nSWrx
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a3c22471eb349be5aeff8928609c0fc5b80cc0f73a6ba3823e8808d54af1dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
89c19fa3abda4378-EWR
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.file.io&url=https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
89c19fa38b954378-EWR
content-length
0
content-type
application/json
date
Sun, 30 Jun 2024 22:34:25 GMT
debug
OPTIONS block
expires
Mon, 30 Jun 2025 22:34:25 GMT
server
cloudflare
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-70.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:50:05 GMT
content-encoding
gzip
via
1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2661
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
CnBb45dr20zhkYU8Nd_v-PFG3bkrd7L9Sa7WZuZOIeTzxH3qyZpYpQ==
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
89c19fa37c424244-EWR
content-length
3
adagio.js
script.4dex.io/a/latest/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9076524926d9f3a5a1d2e991f7d761c437b78d88ed573ec3d8c0ca90731068

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 22:34:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
369641
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 26 Jun 2024 15:51:15 GMT
Server
cloudflare
ETag
W/"a839b76fac33043f9fbaf53b6518913f"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFvxOfcxIVkfJf63SOc1aMmht%2FRpI1Bv5c1gTR7UzBK%2FPIlpuZngWcv9uGRpSw2abY5PZW1wXJB7xcdmP7PnDImUCgVNu4vSBn%2Bpw4sa%2B1OjLI7aB1jhprt64kTrMd0s"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
89c19fa51f8b4268-EWR
21726375739
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21726375739?ers=3
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
11a1435ee52c903ca4bb1b08d8210d7e0ca6f16926affe141a69c77c60c2b1a7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZwEbIIjZiveZBmLsG9UR7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZwEbIIjZiveZBmLsG9UR7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLh-LirfQubwIkr95YyKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAAD-zo0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		0
0
getuidj
ib.adnxs.com/ 		29 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
db1b35effe55b2ab174de8fecc0e788d3549c66577d6ab80b36dd4910ee3afe5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
an-x-request-uuid
e67de0e8-8bb8-40b5-a099-fb56a7204b46
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.11.114; 138.199.11.114; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		109 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e6e713c07c84b3ba39e13f6e1aa79463a0c893550a0839d83b2a652466988dda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:27 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 30 Jul 2024 22:34:27 GMT
288
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebea91d3ed3205c263c117ec09c5623646b69f056a1cbc4c40055b7ad764fc3a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 Jun 2024 22:29:29 GMT
server
cloudflare
age
26
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
89c19fd11d6d41b4-EWR
iu3
s.amazon-adsystem.com/ Frame 61F6
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain&dcc=t
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
346
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Jun 2024 22:34:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZRVKT4BC6RQ1X4FHCN6P

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Jun 2024 22:34:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-sharethrough_pm-db5_n-Ogury_rbd_rx_snb_smrt_n-Rise_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
53EM7YGXCCR5KC2SK5P0
AGSKWxXuq6_5sq5Yb_ouGbeucVtRGCt-reNoN2XsAgeitlr7YqR98ySXqsfcQY3R-0GWdK74ukdC82oeV_fIZyKMUDuh6DeCmCkUpx1LlX3LPRXX7ke4rrdJHy21iq6v1M2qSesCD2-Dow==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXuq6_5sq5Yb_ouGbeucVtRGCt-reNoN2XsAgeitlr7YqR98ySXqsfcQY3R-0GWdK74ukdC82oeV_fIZyKMUDuh6DeCmCkUpx1LlX3LPRXX7ke4rrdJHy21iq6v1M2qSesCD2-Dow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Nzg2ODY1LDQ0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZmlsZS5pby9rTlFuL2Rvd25sb2FkL3ZzU2lScTVuU1dyeCIsbnVsbCxbWzgsIkJfb0VCc29ia0k4Il0sWzksImVuLVVTIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdXV0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
bd0f62b52da741cb7272979508022fa0f075aaaa58a28db83501bf27fbf9d002
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZnlrcEFeKhWQQtbKKSaYdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZnlrcEFeKhWQQtbKKSaYdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLh-LirfQubwIXemU8YlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzIzM9QxM4wsMAPO5Oeg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame E0A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
2956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28441
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 21:45:09 GMT
expires
Sun, 30 Jun 2024 22:35:09 GMT
last-modified
Mon, 24 Jun 2024 19:47:19 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406250101&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
59c78797d7084c27934e635551fee1cb648ea355ca724194ad84d48dca29b13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12604
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2482570818586793&correlator=1447020290478575&eid=31079956%2C31081525%2C31084501%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406250101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&gpp_sid=-1&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_637370d898fb531abee85aab%2CVM_637370bb889c301e8e7ad53d&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=970x250%7C970x90%7C728x90%7C300x250%7C336x280%2C970x250%7C728x90%7C970x90%7C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1719786865609&lmt=1700584689&adxs=315%2C315&adys=1413%2C213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&vis=1&psz=970x-1%7C970x-1&msz=970x-1%7C970x-1&fws=0%2C0&ohw=0%2C0&ga_vid=641649692.1719786864&ga_sid=1719786866&ga_hid=1845988397&ga_fc=true&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDI0MmJjNmI3LWUyMjAtNGE4ZS1iMjc1LWQzNmM5ZmMyYzUwOFgB&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719786864053&idt=1140&ppid=242bc6b7e2204a8eb275d36c9fc2c508&prev_scp=hb_pb%3D3.62%26hb_adid%3D637370d898fb531abee85aab-1100%26hb_iv%3D0%26sv%3D1%26re_ve%3D30a9a3e2-v8.38.0%26pg_ld_id%3D96775bfa-eca0-47d5-af5c-0eb43c6e6cba%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370d898fb531abee85aab%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dfalse%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2024-06-11%252009%253A32%253A35%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D097dc9e4-ef06-4559-b58c-fe0bbd7ca9b4%26tpcs%3Dunknown%26cdl%3D%26do%3Dfile.io%26bf_br%3D30059990%26af_im%3D39058894%7Chb_pb%3D3.62%26hb_adid%3D637370bb889c301e8e7ad53d-1101%26hb_iv%3D1%26sv%3D1%26re_ve%3D30a9a3e2-v8.38.0%26pg_ld_id%3D96775bfa-eca0-47d5-af5c-0eb43c6e6cba%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D637370bb889c301e8e7ad53d%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2024-06-11%252009%253A32%253A35%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D097dc9e4-ef06-4559-b58c-fe0bbd7ca9b4%26tpcs%3Dunknown%26cdl%3D%26do%3Dfile.io%26bf_br%3D30059990%26af_im%3D39058894&cust_params=testgroup%3D62&adks=3724057250%2C1393215030&frm=20&eoidce=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
614b1e20764995f612e457e69606b7cbf0ff31172b4a6b85b089ae636727acd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19600
x-xss-protection
0
google-lineitem-id
4753039891,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3738 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.197.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:25 GMT
expires
Sun, 30 Jun 2024 22:34:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid
aax.amazon-adsystem.com/e/dtb/ 		180 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&pid=oyPBk9SkwQvm3&cb=1&ws=1600x1200&v=24.620.1905&t=3500&slots=%5B%7B%22sd%22%3A%226373734998fb531abee85aca-1002%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22175459031%2FVM_6357fe75b1abda701427d92a%2FVM_6373734998fb531abee85aca%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%2C%22version%22%3A%5B%2210%22%2C%220%22%2C%220%22%5D%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Not%2FA%29Brand%22%2C%22version%22%3A%5B%228%22%2C%220%22%2C%220%22%2C%220%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%2C%220%22%2C%226478%22%2C%22126%22%5D%7D%2C%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%2C%220%22%2C%226478%22%2C%22126%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&sm=efc603d8-5f00-41c7-9c9f-2c8a668a3eb5&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060f9iig7b968dhjjjj8kgiic898ff9a6ijo6uuq2g604kswwww4yquui464oo6e0%22%2C%22pubcommon%22%3A%22fb85143a-d891-4f7b-ac6f-d4f679baf904%22%7D%7D&_c=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.58.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-58-231.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
eb00c7150308a05bcbc4588a314a479b671b4b51f4ffa3b93132f8682d21142a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:25 GMT
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
180
x-amz-cf-id
IN-5hmrO6cXTbcP1uwVLvTR2TZ7uGGDIUjepLZvWbnUE15TY0o56LA==
spt
tg1.aniview.com/api/adserver/ 		32 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=96775bfa-eca0-47d5-af5c-0eb43c6e6cba&AV_PLACEMENTID=6373750d98fb531abee85ae5
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.220.138.160 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-138-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27ab5efb25da771eaeca1c206910a18f3dcd010f78d6eb8274b9d87f87c5f80b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-bamboo-c-skst
1
Date
Sun, 30 Jun 2024 22:34:25 GMT
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
Critical-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Connection
keep-alive
Content-Length
32642
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Allow-Credentials
false
Vary
Origin
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Expires
Sun, 30 Jun 2024 22:39:25 GMT
c
prebid.a-mo.net/a/ 		964 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f885d151802fe1bfb1e8934f509ccec2ceed30c8fd61dc02322637ef0895b928

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:24 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
content-length
486
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
488ef78d5994c69552e00e801a786e5c9fb0a5e9746c3cd3437471269a6fd857
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
an-x-request-uuid
76a23788-91d8-428f-b389-013d009477cf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.11.114; 138.199.11.114; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		6 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dbfbd1761c76951810ffe8d82bd36cc4d71a60f38303c197fb6825cd3b182e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
89c19fa698538c2f-EWR
expires
0
auction
tlx.3lift.com/header/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.38.0&referrer=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&tmax=3500&gdpr=false
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
2b30624a438ee8511adaffc6e5440787f752262285e372a4df150d6280a5197c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
zstd
observe-browsing-topics
?1
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2763
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22582b92efb392dac%22%3A%225c3986d1c2b45d45777d%7C160x600%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&s=816b24ac-b46e-46e8-a3fb-3a2bd2d52e1c&pv=a1692e88-e601-4078-89bd-22377a4bc0dd&vp=desktop&lib_name=prebid&lib_v=8.38.0&us=8&iqid=%7B%22pcid%22%3A%22729d9282-1057-4e54-92e1-f4343fff88c0%22%2C%22pcidDate%22%3A1719786865141%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22domain%22%3A%22file.io%22%2C%22publisher%22%3A%7B%22domain%22%3A%22file.io%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx%22%2C%22mobile%22%3A0%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%226357fcceb1abda701427d928%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22242bc6b7-e220-4a8e-b275-d36c9fc2c508%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
22e38b509fcd6cf58f2f90b18fbf1bf2d1cd5b15f01d1709cf308e130efdbad6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
541
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
54 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.148.2.48 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip48.ip-135-148-2.us
Software
/
Resource Hash
79bbed73164193c229f135eb2be44af35044bdb845cec6ad0372901d9800c9e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.file.io
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
611a1881cd22c87dcd063d22
feed.avplayer.com/backend/api/playlist/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/api/playlist/611a1881cd22c87dcd063d22?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.211 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d728dfa79038756273ea08258b696995fac825fa530a32ffac8a9aa902082a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
content-length
845
expires
Sun, 30 Jun 2024 23:34:26 GMT
avcplayer.js
player.avplayer.com/script/8.3/v/ 		536 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
35d2e15c09a0fcacb63f8fbce898dc170fe6fefac6902e76763d639e2ddd4886

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:41 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqemfkS7RaTxGtxv-pVpiP6wQE5rqc8pOSOpSEQe1HBBg0ToYpLVl926RfWNpTa0RMUyDKdKINzmA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
155132
last-modified
Wed, 22 May 2024 07:27:41 GMT
server
UploadServer
etag
"95e15ed575952aac83558c460243b630"
vary
Accept-Encoding
x-goog-generation
1716362861851096
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=F57Kwg==, md5=leFe1XWVKqyDVYxGAkO2MA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=300
x-goog-stored-content-length
155132
accept-ranges
bytes
expires
Sun, 30 Jun 2024 22:39:41 GMT
track
track4.aniview.com/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track4.aniview.com/track?pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&cb=1719786865722&r=www.file.io&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d65=GoogleSignals&d66=8&d74=&e=playerLoaded&cpid=611a1881cd22c87dcd063d22&str=viewable
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2482570818586793&correlator=1447020290478575&eid=31079956%2C31081525%2C31084501%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406250101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&gpp_sid=-1&iu_parts=21726375739%3A22175459031%2CVM_6357fe75b1abda701427d92a%2CVM_6373734998fb531abee85aca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1719786865986&lmt=1700584689&adxs=45&adys=160&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&vis=1&psz=160x270&msz=160x250&fws=4&ohw=160&ga_vid=641649692.1719786864&ga_sid=1719786866&ga_hid=1845988397&ga_fc=true&topics=3&tps=3&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDI0MmJjNmI3LWUyMjAtNGE4ZS1iMjc1LWQzNmM5ZmMyYzUwOFgB&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719786864053&idt=1140&ppid=242bc6b7e2204a8eb275d36c9fc2c508&prev_scp=hb_pb%3D1.92%26hb_adid%3D6373734998fb531abee85aca-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D30a9a3e2-v8.38.0%26pg_ld_id%3D96775bfa-eca0-47d5-af5c-0eb43c6e6cba%26mo%3Dscan%26ac_id%3D6357fcceb1abda701427d928%26si_id%3D6357fe75b1abda701427d92a%26pl_id%3D6373734998fb531abee85aca%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2024-06-11%252009%253A32%253A35%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D097dc9e4-ef06-4559-b58c-fe0bbd7ca9b4%26tpcs%3Dunknown%26cdl%3D%26do%3Dfile.io%26st_ty%3Dvert%26bf_br%3D44832695%26af_im%3D47476494%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=testgroup%3D62&adks=395328347&frm=20&eoidce=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
f2a18b531ff1414497daa7b9aa46711ea3e23fc744d50e0297f9da1f16be2c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19792
x-xss-protection
0
google-lineitem-id
4753033609
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Jun 2024 22:34:26 GMT
300x600-
fundingchoicesmessages.google.com/f/AGSKWxXi6VgFYaSRMvj0SkTL6buqjmj1dMxu7uj19olGPjtWsZKJSqM4t-_r9mVGi0zJERqSv-DpmGyLfpmPveXVho3NEt0iqmu8ytsuZoMULUribCRbjv33SyqK8OzdPoFXMHqwtydHAf7UWbvF34g0fHTxPfUv9... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXi6VgFYaSRMvj0SkTL6buqjmj1dMxu7uj19olGPjtWsZKJSqM4t-_r9mVGi0zJERqSv-DpmGyLfpmPveXVho3NEt0iqmu8ytsuZoMULUribCRbjv33SyqK8OzdPoFXMHqwtydHAf7UWbvF34g0fHTxPfUv94jb9RMGveWShdnEMalZd270MBLPGX2U/_/circads./apopwin./fwadmanager./ad_leaderboard./300x600-
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
ce256114c6eb1ceb2ec40927bff1f4eacfa720bd22cbb4e18349691db851a208
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1cHRvvi7P5GvIJtpBoDe1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1cHRvvi7P5GvIJtpBoDe1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLm-LSrfQubwI09cz2VNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMjMz1DEzjCwwAtkw5gw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25678
x-xss-protection
0
server
cafe
etag
6704855416901562528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 30 Jun 2024 23:11:47 GMT
AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O8pPj_njPu2qnjSXpBPzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-O8pPj_njPu2qnjSXpBPzHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFpV_sWNoEZH-_lKLkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTAzMjcz0Ds_gCAwBGGivf"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LoPpJGSOu1HusprLjD8wDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-LoPpJGSOu1HusprLjD8wDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFpV_sWNoEbly_kKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTAzMjcz0Ds_gCAwBP2yv8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bounce
id5-sync.com/ 		29 B
449 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.file.io
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
439076ab5f5d001d675bd42ff003bc465232c53571cd25e1a1358a71b890e3f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a0ROC0XQibmQVobhUTDDYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-a0ROC0XQibmQVobhUTDDYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFpV_sWNoEV_ddLlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJgZmRuZ6BWXyBAQAv5iuQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXrAi1dhaxI5WbrH_G1qj1BUc04AcHwsY9woGZY67bS50KziPDNePKzLt_UdzjVhGWiONh13q66AUqfooYuZG9qj5qka7t8mp3HwLUaLjMppL6idoOQri6togLLnrBsPL-C0JVWiw==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vhpAu3N0Y-9_KCBycVepyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-vhpAu3N0Y-9_KCBycVepyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_FpV_sWNoETj482MSq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwMzI3M9A7P4AgMAX-Mr-g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWG0Zhuh5h2b927kyKkLSVg_x_FtY8ah-Ox14tZvTDW8bK_GQAHZH9rICTCZM3Ri2ghDcPhH6vNZNZVd_aFBdrwl_MJc6wawVjMxQAlvHSIuumqioDM6tbj8hJDXkasQI7ZYF2Vcg==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWG0Zhuh5h2b927kyKkLSVg_x_FtY8ah-Ox14tZvTDW8bK_GQAHZH9rICTCZM3Ri2ghDcPhH6vNZNZVd_aFBdrwl_MJc6wawVjMxQAlvHSIuumqioDM6tbj8hJDXkasQI7ZYF2Vcg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Nzg2ODY2LDIyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZpbGUuaW8va05Rbi9kb3dubG9hZC92c1NpUnE1blNXcngiLG51bGwsW1s4LCJCX29FQnNvYmtJOCJdLFs5LCJlbi1VUyJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXV1d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
a73c06aaf73db35a3172554f3f80dc0c7b8059dd9bfb2449744b16f7769d3901
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3Ynv00S16mDDNnzeoetmlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-3Ynv00S16mDDNnzeoetmlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLm-LSrfQubwIPWy5VKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgZmRuZ6BqbxBQYAw4E5wg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~ly24p2qz&ctx=0&met.9=1.105~2.12y
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.142.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ie-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ttj
ib.3lift.com/ Frame CC60 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=venatusmedia_RON_HDX_PrebidServer
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
/
Resource Hash
6509c2246867a22fb749ca7f309184efc76bdca164df1c1dbe178857016c5e9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:32:04 GMT
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
142
etag
W/"604f4ffbeb45995b700cabcf5966a56802d93733"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZaswbISMc55l35fIX4NQbc23DX5qsDqE8XzvWl8Hob5IVYwIFUtCFw==
wp.gif
elb.the-ozone-project.com/ Frame CC60 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/wp.gif?currency=USD&seat_id=&request_id=6ce78feb-4c82-4c4d-bad7-c1fc559dfd74&adunit=1101-637370bb889c301e8e7ad53d&size=970x250&adomain=%5Bgilt.com%5D&imp_id=128ab7cd619fb06&auction_id=&bid_id=39363111554813127848211&crid=2711_64_11388540&price=3.612&seat_name=triplelift&publisher_id=OZONEVEN0005&dealid=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:26 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 30 Jun 2024 22:34:26 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89c19faa7be88c2f-EWR
content-length
0
expires
Wed, 11 Nov 1998 11:11:11 GMT
notify
tlx.3lift.com/s2s/ Frame CC60 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=3.612&ts=1719786865&aid=39363111554813127848211&ec=2711_64_11388540&n=GugFaHR0cHM6Ly9ydGIudXM1LnVzLmNyaXRlby5jb20vdHJpcGxlbGlmdG9ydGJiYW5uZXIvYXVjdGlvbi9ub3RpZnk%2FcHJvZmlsZT0yNzgmaW1wPUhOMzZvTTdQX3RCa3doenRSMHdqWXBJYTJzVVl2cVBUQXlBdlQ2Y2VRTkxBZk4wbjlzazhKZjJWdjVLaUQ1bi1EYW1aZ1dLTk9QUmdwQ2F5ZFVPYXp5LTVHZnd0b0xBci13R002YmpTbjdjNDVYakN2cUxESGZ4bzZDb1N2M0lCNmdqeU9UNlVoWGVCX3YzbHMwVkc4OHRiMWlUNkJrX2dIRW1DZUZMVWtmZDV3dEdSS0NtamFlYXg1YkV6NEJmNU5FSVNJQXd1TERpUHMtY3ZTRDdVMHhaQ2dNbzhOQTlUM0p3aEY0ZWxmMjB6aFN0YkZNa3QyTWg3QkZ3a0hxNE8wR2NSWi1pZFlvOWJuSC1hZ1hxU3BJd2NTMzBJZktSbUhna0c0WGN1cmRpV1dfQXdZZ0tWVWtZUDVWdEVjZDJ6dGFYcXF6cGw3UF9uWVlVdUNTWFJpRWlkQ1RyaXBVaktoOVl3blFRenloclN1WW40Z1Bld1F2M2xycDRVNmRuTnBmLUE2WUdRZV9SalJseFRGbjUwV2NBR2RNcVdtSUVrWmUxZlg2MWVQU0dvOEs5VThSY2xBMTJCREp3bW85RldMZmJHNnFvbXdPQUdqUHZuT3k0U0RRakluMHhxUGdwdk1INFpxSWtzc19HUEVKYkhIa0RjdFd3RzFZTXUzRlY5Z253S0V6MU9WNW43LXhjRl80ajdRUDVleXV5d3I0NDQ2NGtFRU1tNTFfUkVOMG9DdGxWSVV5UEM5WW5hbU1mcE13U0QtYVBoYWh3dVZjLVgxWnpYamNBZzNBbXFDcXNkb3pRZnBkMzZZa1ZPbE81al9ZYjZOQzM1ekhDY1dFMlJOb1FOV2NPSV9BT0JTaVRRSUtZLTRB8gLqAQgAEhczOTM2MzExMTU1NDgxMzEyNzg0ODIxMRgAIAEolxUwQEABSAFQAWAKaABwgQ2QAQCYAQCoAQC4ATLAAZwcyAHoIPABAPgB6CCAApwckQIAAAAAAADwP5kC7FG4HoXrwT%2BoAgCwAgPIAgTYAgD4AuM9gAPKB4gD%2BgGQAwKYAwGgAwG4A8ImyAMA0gMIMTEzODg1NDDgA%2BeIkF3pAwAAAAAAAAAA8APoIPkDAAAAAAAAAACABAOJBOxRuB6F68E%2FwARD0AQA2gQZMzkzNjMxMTE1NTQ4MTMxMjc4NDgyMTEgM%2BAEAPAEAfgCFIgDAJIDBDAxM2KYAwGgA6TAHKgDALoDDjEzOC4xOTkuMTEuMTE0
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 4E60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS1_8NARu73b5zZSZfq4cR6aNQ7xX-DcPQuIOIHjDr0o-yzhy_1cHuirnP3-jn5xjd-OuyHcMBV5D-AT3A_v9wHcRlF9zNAaKM_1zykM16Tbyc9tR-T3bJkpV8Y0kn_3-DAMapLQ_m5cnVxDdbtVGnqa2wqmJ8ZHW-DLvLzYhl6uMPYkqsVc456fJfIvPnxhwrCqrfZcjLBxlbVg7in8hSBFzYztUWkRrBJ9JLhlpgWLM2SMC51XQiQJva3fsAdqfqS-MhvCB39DA15S7PY8hsoMjjLP2AQWJkWXeOOovBzMdmTMYrW-81DdXR-K_U7qOpcAq3vQR7_XzBv0ziHAsGUzNnQuSsZ8RiSM9nHSsSwVOuMUqYAWQB2THPQ9d2b1Qc8BwDjLcu_rgoxbR8r1aUtDkckFtRiiZ4NQOreVYT7sn6bYL_CtV7NOc&sai=AMfl-YSpzpEOBjmBmM4MOSekK5qZd30QPWOPXGq3Zt2xCszaWoHnVFP6SV2N_WkooOlnnBUC0135iPsV8F7u9Sk3E28qGjbX25GcD2jw3o9wFVJNV574n38D_aHibFpHfzPFQltGcrp5wyZENgTwI83LRtX5-Ah90UKG43jkCmQZGdPR4SOV&sig=Cg0ArKJSzPlutF7I0_6_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Jun 2024 22:34:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 4E60 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f132.1e100.net
Software
cafe /
Resource Hash
cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 14:25:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
29352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9221
x-xss-protection
0
server
cafe
etag
14524351023591845701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jul 2024 14:25:14 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4E60 		205 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
2753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64706
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Jun 2024 22:48:33 GMT
pixel;r=1589585366;labels=All.Title.Download%2CAll.Type.website%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and...
pixel.quantserve.com/ 		35 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1589585366;labels=All.Title.Download%2CAll.Type.website%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%20share%20the%20links%20via%20email%20%20SMS%20%20Slack%20%20Discord%20%20etc%20%20Easy-to-use%20REST%20API%2CAll.Description.Sharing%20files%20with%20file%20io%20is%20convenient%20%20anonymous%20and%20secure%20%20Just%20upload%20files%20and%20share%20the%20links%20via%20email%20%20SMS%20%20Slack%20%20Discord%20%20etc%20%20Easy-to-use%20REST%20API%2CAll.Url.https%3A%2F%2Ffile%20io%2FvsSiRq5nSWrx;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx;uht=2;fpan=1;fpa=P0-353304688-1719786865182;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;gpp_sid=-1;ref=;d=file.io;dst=0;et=1719786866254;tzo=600;ogl=url.https%3A%2F%2Ffile%252Eio%2FvsSiRq5nSWrx%2Ctitle.Download%2Cdescription.Sharing%20files%20with%20file%252Eio%20is%20convenient%252C%20anonymous%20and%20secure%252E%20Just%20upload%20file%2Cimage.https%3A%2F%2Fwww%252Efile%252Eio%2Fimages%2Fog-img%252Epng%2Ctype.website;ses=964eb661-615f-4cf6-bd75-af70ead4ded8;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.67.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:26 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["+qmp9SokPePaWTd68/oFhg=="],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["smf8mB/7jMgAKtSI4NHIBQ=="],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["+FW0/y91gq4cqWDetTbUBg=="],"pcode":["p-Hwnr8j7tWA3Nu"]},{"label":["1lEH6vxZZiOBcEz6rv+Tcg=="],"pcode":["p-Hwnr8j7tWA3Nu"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ttj
ib.3lift.com/ Frame FEA0 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=venatusmedia_RON_HDX_PrebidServer
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
/
Resource Hash
6509c2246867a22fb749ca7f309184efc76bdca164df1c1dbe178857016c5e9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:32:04 GMT
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
142
etag
W/"604f4ffbeb45995b700cabcf5966a56802d93733"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZaswbISMc55l35fIX4NQbc23DX5qsDqE8XzvWl8Hob5IVYwIFUtCFw==
wp.gif
elb.the-ozone-project.com/ Frame FEA0 		0
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/wp.gif?currency=USD&seat_id=&request_id=6ce78feb-4c82-4c4d-bad7-c1fc559dfd74&adunit=1100-637370d898fb531abee85aab&size=970x250&adomain=%5Bgilt.com%5D&imp_id=11715c27f019164&auction_id=&bid_id=39363111554813127848210&crid=2711_64_11388540&price=3.612&seat_name=triplelift&publisher_id=OZONEVEN0005&dealid=
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:26 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 30 Jun 2024 22:34:26 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89c19faaec668c2f-EWR
content-length
0
expires
Wed, 11 Nov 1998 11:11:11 GMT
notify
tlx.3lift.com/s2s/ Frame FEA0 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=3.612&ts=1719786865&aid=39363111554813127848210&ec=2711_64_11388540&n=Gt0FaHR0cHM6Ly9ydGIudXM1LnVzLmNyaXRlby5jb20vdHJpcGxlbGlmdG9ydGJiYW5uZXIvYXVjdGlvbi9ub3RpZnk%2FcHJvZmlsZT0yNzgmaW1wPVp0dkNTN3haNWV3eUJmWFRkdDd6WDNOSjJYQkx5YVpwY3MxMzc3M1BEaWd1bmZMYmxoRHlTTXhQZ2VKR3BYUWo4M0NBaFhROUVTc01sYV95eGZPQXVhTHoxdW9JVEFGYUp1SVVxRDF3aFdGNW1aX01nZ0xyamdDZ3k2RWIzWndPWk1YLWQtNGVqUDRQZTRjV2ZXRzVLQjhWSnNaNzQwSVpoSWRrYkdvVnF0bkJQc2FmRG9MandwZlhsNWZpSktNdGV0V0dmczFHVWdjd2pseV8xS2prUVdDckNLTVBmbWFwZ1VjRGhsRUVMcjlDZkNfY0J2SzE4a3R5QjFwNUpMMURoU2VjLVRubzlMMUtUdHRveWgwLUJsS0Nmb240NS1yU0JHc1ZSR1p5THNyNGV3a0UtcGxoem9vdk8yVGxtZndQbURtbmVIX25hZGxnTEU2emRNZmxFc3dmckVJaERZdkh4ODhydnBZaTlpQUsycTlZSTctSW1ZdG5FZTNoWXhqNDZsOU0zaml3d1dnTE4zRkY1QjNFQWptbms1UmFfdUhOUlRYQThFRVByaENuNVRhMU9FQmdHYUpySmNEUVpOT1kxUTZPZlg2eTdkN2pXOHY4clBnSHh2dE1rZkluZExpcHhRVmNoYTMybjNlamRaWmJ5dVN2VHdqblhRUTVFT1R5ODNRNEJ6dTYxRnNybjZTbVRmeTAxRzhQeG5iZDU0eld3dFoxNlA2NDJvQmNyXzN2SDZ1SmlpV1UzQ2I2VXV2bG56bWJCTnllamZrUVNYcTB6djBJT2FGV01lcERudW9ORDdhV3BzZWdSNjZDNjk2bUZXX2FmMi04ZHBjQkNlcEduTkdaVU4wc3FMWfIC6gEIABIXMzkzNjMxMTE1NTQ4MTMxMjc4NDgyMTAYACABKJcVMEBAAUgBUAFgCmgAcIENkAEAmAEAqAEAuAEywAGcHMgB6CDwAQD4AegggAKcHJECAAAAAAAA8D%2BZAuxRuB6F68E%2FqAIAsAICyAIE2AIA%2BALjPYADygeIA%2FoBkAMCmAMBoAMBuAPCJsgDANIDCDExMzg4NTQw4APniJBd6QMAAAAAAAAAAPAD6CD5AwAAAAAAAAAAgAQDiQTsUbgehevBP8AEQtAEANoEGTM5MzYzMTExNTU0ODEzMTI3ODQ4MjEwIDLgBADwBAH4AhSIAwCSAwQwMTNimAMBoAOkwByoAwC6Aw4xMzguMTk5LjExLjExNA%3D%3D
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.131.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:26 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
track
track.venatusmedia.com/dfp/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dfp/track
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.131.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:26 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
AGSKWxVvS6vDoLu_ATx5jVsC4855D497pfKehosu3YZ_nF-_uA0dPQ-BcMWrIvk2iwtDk8WUNmQ-FwEZgLIya8zH8buHdLoKeuBxv2TQSUqxn_gVrh8803Ff-VjSmvrOotDie-Kt44plRQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVvS6vDoLu_ATx5jVsC4855D497pfKehosu3YZ_nF-_uA0dPQ-BcMWrIvk2iwtDk8WUNmQ-FwEZgLIya8zH8buHdLoKeuBxv2TQSUqxn_gVrh8803Ff-VjSmvrOotDie-Kt44plRQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Nzg2ODY2LDM5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmZpbGUuaW8va05Rbi9kb3dubG9hZC92c1NpUnE1blNXcngiLG51bGwsW1s4LCJCX29FQnNvYmtJOCJdLFs5LCJlbi1VUyJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXV1d
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
9136bade543711f30968a2e86342f889413086a172b7339ba2365b3579ce9294
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-x1vJp4chjen6kzv0jSH60A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-x1vJp4chjen6kzv0jSH60A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLh-LSrfQubwITW2ycYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzIzM9QxM4wsMAPM0OdI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
track.venatusmedia.com/dfp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dfp/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.131.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.file.io
access-control-max-age
3600
content-length
0
date
Sun, 30 Jun 2024 22:34:26 GMT
vary
Origin
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 816F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:26 GMT
etag
expires
Sun, 30 Jun 2024 22:34:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C92 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
489917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 06:29:10 GMT
expires
Wed, 25 Jun 2025 06:29:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7184 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-psyJCFCF05dwJGDRKIfDVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-psyJCFCF05dwJGDRKIfDVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:26 GMT
expires
Sun, 30 Jun 2024 22:34:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxVFNHmS1LpB6QvusorpiwzDxuZ6FXasAiI4O9tqnX7ooUPlX1SMEZzEsPf6NGuDYLAkpQu391bThQpsQZO8g9WXDf10I1zeuYPfJ_1SBpSQkljaOOtG0kFVBTLkf_Vq6J3b7Yn8Lg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVFNHmS1LpB6QvusorpiwzDxuZ6FXasAiI4O9tqnX7ooUPlX1SMEZzEsPf6NGuDYLAkpQu391bThQpsQZO8g9WXDf10I1zeuYPfJ_1SBpSQkljaOOtG0kFVBTLkf_Vq6J3b7Yn8Lg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Nzg2ODY2LDQ4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZmlsZS5pby9rTlFuL2Rvd25sb2FkL3ZzU2lScTVuU1dyeCIsbnVsbCxbWzgsIkJfb0VCc29ia0k4Il0sWzksImVuLVVTIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdXV0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
697aa3497442816bfe0b7d21e589a64380c82100c171ba862bc784f29d678575
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-63GhCYUEfluyAnxbkL5ukw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-63GhCYUEfluyAnxbkL5ukw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLh-LSrfQubwIu_-74wKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAAcejqz"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
v3
id5-sync.com/gm/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
fb8e4d3ea8a06ffd5547cf08fc0614b9b8c0646133a64adf6bb37ba588d63b3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.file.io
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
AGSKWxV8xhIrNwwnMO-QgvhLdNKXn0XAqOP-o-ocXZYrygvpci_ZMyCkzRLWn_ahiS49Jj0NfHhJ0k1OSHxd-sENOm7ayA7hECvewQyLasSGhKJMnDz6rdQ57CciUwW_unyDpa-g4nLJfQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV8xhIrNwwnMO-QgvhLdNKXn0XAqOP-o-ocXZYrygvpci_ZMyCkzRLWn_ahiS49Jj0NfHhJ0k1OSHxd-sENOm7ayA7hECvewQyLasSGhKJMnDz6rdQ57CciUwW_unyDpa-g4nLJfQ==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MaXpS3N_29KNG1ePP6FWxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-MaXpS3N_29KNG1ePP6FWxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_FpV_sWNoGOb5PamZRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiYGZkbmegVl8gQEATTUrsQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
9.gif
id5-sync.com/c/258/1246/0/
Redirect Chain
  • https://id5-sync.com/i/258/8.gif?o=api&id5id=ID5*jxhypmXRnkwQvqD03XNiFC5Fd22CrrnE-TTYs2d0AFSsk14CUJyqfqWDhhcFcSnV&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=4b61e104-667d-4651-90cf-d90331841c7e&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=27&3pid=4b61e104-667d-4651-90cf-d90331841c7e&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F1245%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://ce.lijit.com/merge?pid=27&3pid=4b61e104-667d-4651-90cf-d90331841c7e&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F1245%2F6%2F3.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/258/1245/6/3.gif?puid=I6kKARZHnh-KrvfWTt2ZrUAe&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/258/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/258/2/5/4.gif?puid=5167546006793024041&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F203%2F4%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/258/203/4/5.gif?puid=5659a91b-4893-4052-8e4b-9033aca7df97&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/258/434/3/6.gif?puid=4071189e-3a8f-4452-a438-7ba74a6daf36&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?puid=AAS_eE7NA7sAABPrfasd9Q&id5AccountNum=155&numCascadesAllowed=9
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/258/429/1/8.gif?puid=6BD50DD9-CA19-4183-ADFE-249F4E5428CF&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5167546006793024041&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F258%2F1246%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/258/1246/0/9.gif?puid=I6kKARZHnh-KrvfWTt2ZrUAe&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/258/1246/0/9.gif?puid=I6kKARZHnh-KrvfWTt2ZrUAe&gdpr=0&gdpr_consent=
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 30 Jun 2024 22:34:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:32 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://id5-sync.com/c/258/1246/0/9.gif?puid=I6kKARZHnh-KrvfWTt2ZrUAe&gdpr=0&gdpr_consent=
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
bundle.js
ib.3lift.com/rev/cde9106036594f2633b4645cedf5d18126fb0ebe/dist/ Frame CC60 		204 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/cde9106036594f2633b4645cedf5d18126fb0ebe/dist/bundle.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fd505862e23d3e89042b2972baaad83bd1a70629a226c0ecd310df3b21ddeb8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 17:23:14 GMT
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 17:22:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
796273
etag
W/"5553266606bd08eb4a0aefdfd525ae0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xH3t9Ft0WIbhoQOuR7lpV2eNXzNW3Mwm_xgXezQJPXI05NM8bd5iBQ==
bundle.js
ib.3lift.com/rev/cde9106036594f2633b4645cedf5d18126fb0ebe/dist/ Frame FEA0 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/cde9106036594f2633b4645cedf5d18126fb0ebe/dist/bundle.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fd505862e23d3e89042b2972baaad83bd1a70629a226c0ecd310df3b21ddeb8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 17:23:14 GMT
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 17:22:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
796273
etag
W/"5553266606bd08eb4a0aefdfd525ae0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xH3t9Ft0WIbhoQOuR7lpV2eNXzNW3Mwm_xgXezQJPXI05NM8bd5iBQ==
notify
tlx.3lift.com/s2s/ 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=3.612&ts=1719786865&aid=39363111554813127848211&ec=2711_64_11388540&n=GugFaHR0cHM6Ly9ydGIudXM1LnVzLmNyaXRlby5jb20vdHJpcGxlbGlmdG9ydGJiYW5uZXIvYXVjdGlvbi9ub3RpZnk%2FcHJvZmlsZT0yNzgmaW1wPUhOMzZvTTdQX3RCa3doenRSMHdqWXBJYTJzVVl2cVBUQXlBdlQ2Y2VRTkxBZk4wbjlzazhKZjJWdjVLaUQ1bi1EYW1aZ1dLTk9QUmdwQ2F5ZFVPYXp5LTVHZnd0b0xBci13R002YmpTbjdjNDVYakN2cUxESGZ4bzZDb1N2M0lCNmdqeU9UNlVoWGVCX3YzbHMwVkc4OHRiMWlUNkJrX2dIRW1DZUZMVWtmZDV3dEdSS0NtamFlYXg1YkV6NEJmNU5FSVNJQXd1TERpUHMtY3ZTRDdVMHhaQ2dNbzhOQTlUM0p3aEY0ZWxmMjB6aFN0YkZNa3QyTWg3QkZ3a0hxNE8wR2NSWi1pZFlvOWJuSC1hZ1hxU3BJd2NTMzBJZktSbUhna0c0WGN1cmRpV1dfQXdZZ0tWVWtZUDVWdEVjZDJ6dGFYcXF6cGw3UF9uWVlVdUNTWFJpRWlkQ1RyaXBVaktoOVl3blFRenloclN1WW40Z1Bld1F2M2xycDRVNmRuTnBmLUE2WUdRZV9SalJseFRGbjUwV2NBR2RNcVdtSUVrWmUxZlg2MWVQU0dvOEs5VThSY2xBMTJCREp3bW85RldMZmJHNnFvbXdPQUdqUHZuT3k0U0RRakluMHhxUGdwdk1INFpxSWtzc19HUEVKYkhIa0RjdFd3RzFZTXUzRlY5Z253S0V6MU9WNW43LXhjRl80ajdRUDVleXV5d3I0NDQ2NGtFRU1tNTFfUkVOMG9DdGxWSVV5UEM5WW5hbU1mcE13U0QtYVBoYWh3dVZjLVgxWnpYamNBZzNBbXFDcXNkb3pRZnBkMzZZa1ZPbE81al9ZYjZOQzM1ekhDY1dFMlJOb1FOV2NPSV9BT0JTaVRRSUtZLTRB8gLqAQgAEhczOTM2MzExMTU1NDgxMzEyNzg0ODIxMRgAIAEolxUwQEABSAFQAWAKaABwgQ2QAQCYAQCoAQC4ATLAAZwcyAHoIPABAPgB6CCAApwckQIAAAAAAADwP5kC7FG4HoXrwT%2BoAgCwAgPIAgTYAgD4AuM9gAPKB4gD%2BgGQAwKYAwGgAwG4A8ImyAMA0gMIMTEzODg1NDDgA%2BeIkF3pAwAAAAAAAAAA8APoIPkDAAAAAAAAAACABAOJBOxRuB6F68E%2FwARD0AQA2gQZMzkzNjMxMTE1NTQ4MTMxMjc4NDgyMTEgM%2BAEAPAEAfgCFIgDAJIDBDAxM2KYAwGgA6TAHKgDALoDDjEzOC4xOTkuMTEuMTE0&b=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&pr=un&bc=AAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=4200&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252FkNQn%252Fdownload%252FvsSiRq5nSWrx&rr=creative&fid=10&rb=0&g=0&tmplid=295279&cb=49179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&peid=1&fid=10&tid=0&cb=66814
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dyn
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=230710&string1=39363111554813127848211&string2=gpp_new&cb=73345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame CC60 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 02:17:53 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
72994
x-amz-cf-pop
EWR53-C1
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
QzNKh0_p4fRfhSek4kxuWXlLAu3I58p9Fbls93JuzHd12Idv_IjXPw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame CC60 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 02:17:53 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
72994
x-amz-cf-pop
EWR53-C1
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
bjJGl1ZA7IZbThnxoS3uxmqgbfbwZWBeOSOrQFl3EpZgiLDxOol73g==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&cta_render_method=1&cta_render_text=&cb=31933
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
afr.php
ads.us.criteo.com/delivery/r/ Frame CA15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=AAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ==&u=%7CFv7Snq6q1BZZfq2ZQ%2F0iz%2FQBxVWsbRNvv9cILcDo6k0%3D%7C&c1=mOd7Dh6zPV9mKlrlwmXIuWz5gKrlWe7tvP-K7M0GMKT2iFkJPUoPzd1ms0khpy4P0CFpQ2Sc-wAAIfq80rf-ZFXUh0qCYYxv08NR_dtC2HEoF19O6K9sx1ZuazZMETgm13Pz4e9mZJgTUlB1F3te3wvp_sLt6YT8pBW3-RKQjByssVi2u-kW-YfJU0bzHQfcp75hH1IXoJcZw9X_HFsYKKo5w-CprfTf19JVREwnifLc6m9EkrGRw6MkofRdxuIRvfr4j8EBvJBls6nAvdO8HNKowaWgsx2VTX4yPbGHReg8sy_4ru739ExUOT3L6dno8XV2WIumleT5H8OKXqdzpmwK2_MTVq_BmYft9UWd_TdS_pRhKRlMoAJ36EaiEX6IeAkmNFyc0LVO2DBQDHYXMEZgUVIyd5xALhfkxQVS2fDQz_kjA_j2B_GFYKj7j5SjqQ8NVHJ7h5-QkkclKot6C2JlYBuP_mJjtZ4kXLqerbY5K_7O_pmEhEa0grSw3sJaOnvlSivvFwGTKvrOalYCdFw-HAM5PX_B9lEIxazurkK5utyLMNnXaaCOy6BV6LGd_Dq_TYFsFq6Yw2J9GBM7ROZoi5yMiZJi1ky0v7z7t7jMK3RCkp29VYdBrh5aF3U42p7UpbPYHG35_BqBpxb_VrmtF-nDZ5b0uTBiqoEvb5U&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dvenatusmedia_RON_HDX_PrebidServer%26aid%3D39363111554813127848211%26rev%3Dcde9106%26pr%3D3.612%26bc%3DAAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ%253D%253D%26bmid%3D2711%26biid%3D7907%26sid%3D64%26brid%3D1665%26adid%3D11388540%26crid%3D195298407%26ts%3D1719786865%26bcud%3D4200%26ss%3D20%26dmp_ids%3DCi5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%253D%253D%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D73363%26rdir%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.25 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Ryj305uaBpPzdDoRYGpXOGij9cm3YD8HhulAmti-Q5b8Gt0D5ursseFmriuB05_CpeEPTUE07Go0VncRTFMaQWZN38GSO2Xu1G4EQHHujKZpImqGxlpU82dli5n5DseIPBv5Q76Yzpo2eyCXHBnDk6KkAjpqsEVCjGwq6gD1XXS_-LVQ5UL63SFmv-fdQwNU2gCnxoitzF9Z10BvzYFbyxPsEhIBwulAkrnh7NTGb2sCJ9ylCz6aC3lZrpTJZD40xAGQaw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
155582380
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&pr=un&bc=AAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=4200&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252FkNQn%252Fdownload%252FvsSiRq5nSWrx&rr=creative&fid=10&rb=0&g=0&tmplid=295279&cb=75232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dr
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dr?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&disclosure_render_method=3&disclosure_render_text=Learn%20more&cb=88317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 0372 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&gdpr=false&gpp_sid=-1&cb=67177
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1118
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
notify
tlx.3lift.com/s2s/ 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=3.612&ts=1719786865&aid=39363111554813127848210&ec=2711_64_11388540&n=Gt0FaHR0cHM6Ly9ydGIudXM1LnVzLmNyaXRlby5jb20vdHJpcGxlbGlmdG9ydGJiYW5uZXIvYXVjdGlvbi9ub3RpZnk%2FcHJvZmlsZT0yNzgmaW1wPVp0dkNTN3haNWV3eUJmWFRkdDd6WDNOSjJYQkx5YVpwY3MxMzc3M1BEaWd1bmZMYmxoRHlTTXhQZ2VKR3BYUWo4M0NBaFhROUVTc01sYV95eGZPQXVhTHoxdW9JVEFGYUp1SVVxRDF3aFdGNW1aX01nZ0xyamdDZ3k2RWIzWndPWk1YLWQtNGVqUDRQZTRjV2ZXRzVLQjhWSnNaNzQwSVpoSWRrYkdvVnF0bkJQc2FmRG9MandwZlhsNWZpSktNdGV0V0dmczFHVWdjd2pseV8xS2prUVdDckNLTVBmbWFwZ1VjRGhsRUVMcjlDZkNfY0J2SzE4a3R5QjFwNUpMMURoU2VjLVRubzlMMUtUdHRveWgwLUJsS0Nmb240NS1yU0JHc1ZSR1p5THNyNGV3a0UtcGxoem9vdk8yVGxtZndQbURtbmVIX25hZGxnTEU2emRNZmxFc3dmckVJaERZdkh4ODhydnBZaTlpQUsycTlZSTctSW1ZdG5FZTNoWXhqNDZsOU0zaml3d1dnTE4zRkY1QjNFQWptbms1UmFfdUhOUlRYQThFRVByaENuNVRhMU9FQmdHYUpySmNEUVpOT1kxUTZPZlg2eTdkN2pXOHY4clBnSHh2dE1rZkluZExpcHhRVmNoYTMybjNlamRaWmJ5dVN2VHdqblhRUTVFT1R5ODNRNEJ6dTYxRnNybjZTbVRmeTAxRzhQeG5iZDU0eld3dFoxNlA2NDJvQmNyXzN2SDZ1SmlpV1UzQ2I2VXV2bG56bWJCTnllamZrUVNYcTB6djBJT2FGV01lcERudW9ORDdhV3BzZWdSNjZDNjk2bUZXX2FmMi04ZHBjQkNlcEduTkdaVU4wc3FMWfIC6gEIABIXMzkzNjMxMTE1NTQ4MTMxMjc4NDgyMTAYACABKJcVMEBAAUgBUAFgCmgAcIENkAEAmAEAqAEAuAEywAGcHMgB6CDwAQD4AegggAKcHJECAAAAAAAA8D%2BZAuxRuB6F68E%2FqAIAsAICyAIE2AIA%2BALjPYADygeIA%2FoBkAMCmAMBoAMBuAPCJsgDANIDCDExMzg4NTQw4APniJBd6QMAAAAAAAAAAPAD6CD5AwAAAAAAAAAAgAQDiQTsUbgehevBP8AEQtAEANoEGTM5MzYzMTExNTU0ODEzMTI3ODQ4MjEwIDLgBADwBAH4AhSIAwCSAwQwMTNimAMBoAOkwByoAwC6Aw4xMzguMTk5LjExLjExNA%3D%3D&b=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848210&rev=cde9106&pr=un&bc=AAABkGtJAsJ1XsXUWWGpK_CkiG0hBIQ5nCzYrw%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=4200&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252FkNQn%252Fdownload%252FvsSiRq5nSWrx&rr=creative&fid=10&rb=0&g=0&tmplid=295279&cb=14187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848210&rev=cde9106&peid=1&fid=10&tid=0&cb=76437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dyn
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=230710&string1=39363111554813127848210&string2=gpp_new&cb=57090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame FEA0 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 02:17:53 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
72994
x-amz-cf-pop
EWR53-C1
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
QzNKh0_p4fRfhSek4kxuWXlLAu3I58p9Fbls93JuzHd12Idv_IjXPw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame FEA0 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 02:17:53 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
72994
x-amz-cf-pop
EWR53-C1
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
bjJGl1ZA7IZbThnxoS3uxmqgbfbwZWBeOSOrQFl3EpZgiLDxOol73g==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848210&rev=cde9106&cta_render_method=1&cta_render_text=&cb=93432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
afr.php
ads.us.criteo.com/delivery/r/ Frame 1C97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=AAABkGtJAsJ1XsXUWWGpK_CkiG0hBIQ5nCzYrw==&u=%7CFv7Snq6q1BZZfq2ZQ%2F0iz%2FQBxVWsbRNvv9cILcDo6k0%3D%7C&c1=mOd7Dh6zPV9mKlrlwmXIuWz5gKrlWe7tvP-K7M0GMKT2iFkJPUoPzd1ms0khpy4P0CFpQ2Sc-wAAIfq80rf-ZFXUh0qCYYxv08NR_dtC2HFH1OcpRgnWWOubCjYo8Lzp4J5_VoRbAUwc3sI4F6Sx27GTfFOldhBZdIkQk9KbNsXcNtG8zMtD-YDKdw2n5ecALADZDRsL7whuKuvb8k78hL3XUIatOIHzm_22BfqjxCJIK1DUXYx8xT5rmnnX9JjaJ0ZrZUx21RCVZk1vGVa6uYk24vQ2lBmonNcChEleWp_SXLH7sAK7GN4C6PJtnWC6jo6TLkKlV1__ENBm86eyY60IZfDy2dSPoJgISPiMQENa9V-d2Cpr9cVQMlLnRfQMzNir7L_d-xCB8Igz7kZaeD9AzEfgr_klX5tsgpSx8WWrORiPtIWYalH_94qLMChSLLSNxs5Kzppd_oOaFP8OWTaeQvYxSVZgqQeg0hyhqxcRILRwwjq-wLb72tz6jCkAsZ2euMdjSX7lmw3VN8dHgO9DNaU-nH9FMavtw4JRljZiCqcYL__AzBGPI6v-DmL0uXS7BffLWoPPSiA-bQ6FHw4bONNjdSDI-eYMKKySHzR1EbIrEORbYAV_k_wkebcEVBtLDvza0166PXRwIY0XSrFOhCUapM4T34PssPnUoG8&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dvenatusmedia_RON_HDX_PrebidServer%26aid%3D39363111554813127848210%26rev%3Dcde9106%26pr%3D3.612%26bc%3DAAABkGtJAsJ1XsXUWWGpK_CkiG0hBIQ5nCzYrw%253D%253D%26bmid%3D2711%26biid%3D7907%26sid%3D64%26brid%3D1665%26adid%3D11388540%26crid%3D195298407%26ts%3D1719786865%26bcud%3D4200%26ss%3D20%26dmp_ids%3DCi5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%253D%253D%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D50412%26rdir%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.25 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=UmbrtJuaBpPzdDoRb6Hx6JzVyQPyqt3M7_13OOJUl7KCH_LSVt2OD6_2fXQ6E8BypwQEVLGPiKIm68pjE6rTKR62RnDpc2jrMmtDUuZR_4T479TC9Tq60qse5sYQYCshxn9luzgkvyir5t-VzGqBIFzXovarcJ6tWIeMFVUuUbRs5a8PCgxYS85lOHogqEe1in-P1kIM8s8KyxvxBe2SNCvEjShzZPETlRxY_rW8TxeGsrRr3dJy-w_liQhyGN-g0nkClg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
139889020
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&pr=3.612&bc=AAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=4200&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&cepos=0&ceid=0&cb=63437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848210&rev=cde9106&pr=un&bc=AAABkGtJAsJ1XsXUWWGpK_CkiG0hBIQ5nCzYrw%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=4200&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252FkNQn%252Fdownload%252FvsSiRq5nSWrx&rr=creative&fid=10&rb=0&g=0&tmplid=295279&cb=57958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dr
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dr?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848210&rev=cde9106&disclosure_render_method=3&disclosure_render_text=Learn%20more&cb=90664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 0C39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&gdpr=false&gpp_sid=-1&cb=78506
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1338
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 165D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIDTq8zHw9AJMhfwXMbPfaRsAE8orXYOrXG3KlmDomw1NEaG30zVhSuNnFBj-QffqlvL9ianqMU_ueX7F6CD9ZJHveVzJhuLxt0UNbQ59RSk5orEJPI9kZNcw8Jj44B4rN_KOtb0DITVZEImzpvowHTrqlLV5Y3RO0Rt0qkfxReC2nr-78RlBiGW8QXBtt4KlJF9OQ4pjhQoKbJi3CAeWTsEV0yvivf_zWZ1vlMZfPoXdGAc0CNnQFgnebOzMa_GmftWy_sEX-ftERUWBJ67KPRH8KHXiF-y_h5Z5iJma6dW8A3zWFqMe5gei72vDeMuF_ZL8t-mKKQGq3GWmZZAXKxHEGGLMW8fwnMOBVhiKh6XVXzmtqka_DSSMKElR3-TBpYaXzo2T5pOye2itmX1DH_-GWsYpO7VnCMw4eRjEiyLE8oGQxYOAlteY&sai=AMfl-YTEsXgXPiwictFIEDyDUlAvyaaLEk4I2nY7W4xXles8VXG5Yz1_jnwiqTPizsORKFjr5La-9p3-7-K92vCqkBwUiZKr4Py0Dr5XPruZp1HuWJNZ7rZke26xJ3oHkIlr1naErex78j5Swm5vVbbSDlmeRqCE4zQiUUHigFEVckVuKu4Sg--KXjXgZcclJWtFRdfWC07bAVZQQGfSyZuyF_dSgnzJ8VGDdR7WZTxyzNIxwDA&sig=Cg0ArKJSzFNg8MQHE4evEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240625/r20110914/ Frame 165D 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240625/r20110914/abg_lite_fy2021.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f132.1e100.net
Software
cafe /
Resource Hash
cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 14:25:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
29352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9221
x-xss-protection
0
server
cafe
etag
14524351023591845701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jul 2024 14:25:14 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 165D 		205 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
2753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64706
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Jun 2024 22:48:33 GMT
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 7DE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:26 GMT
etag
expires
Sun, 30 Jun 2024 22:34:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ttj
ib.3lift.com/ Frame 2E64 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=venatusmedia_RON_HDX_PrebidServer
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
/
Resource Hash
6509c2246867a22fb749ca7f309184efc76bdca164df1c1dbe178857016c5e9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:32:04 GMT
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
142
etag
W/"604f4ffbeb45995b700cabcf5966a56802d93733"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZaswbISMc55l35fIX4NQbc23DX5qsDqE8XzvWl8Hob5IVYwIFUtCFw==
bundle.js
ib.3lift.com/rev/cde9106036594f2633b4645cedf5d18126fb0ebe/dist/ Frame 2E64 		204 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/cde9106036594f2633b4645cedf5d18126fb0ebe/dist/bundle.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fd505862e23d3e89042b2972baaad83bd1a70629a226c0ecd310df3b21ddeb8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 17:23:14 GMT
content-encoding
br
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 17:22:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
796273
etag
W/"5553266606bd08eb4a0aefdfd525ae0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xH3t9Ft0WIbhoQOuR7lpV2eNXzNW3Mwm_xgXezQJPXI05NM8bd5iBQ==
notify
tlx.3lift.com/s2s/ Frame 2E64 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=1.917&ts=1719786865&aid=9529085240870157859950&ec=2711_64_11388540&n=Gt0FaHR0cHM6Ly9ydGIudXM1LnVzLmNyaXRlby5jb20vdHJpcGxlbGlmdG9ydGJiYW5uZXIvYXVjdGlvbi9ub3RpZnk%2FcHJvZmlsZT0yNzgmaW1wPVlRMFpUMzdpQWlJUjBXbFEzd3d0LU10TWdGQkIwSlM4ZUpfQkNhRDFRUFVQaXJuTzQtcUJwREJaVS1FVXdqeVp5M2ZnRkljT3VidmxhRFNYUGFKeEhNNUFoamZIRzVvRkpCVy1xVlkyWjhHT0N2TXBrU0RZZ3RSa0pkanRzUThfQ0N4RFNnYzVIdEVEeDZzaGdDT1hsX2xwbGIyb3l0MFJxenNSRTI4YjlGQUQ1dEN3aHpBY0VMa3p1XzNoczZsQUs0bjE3Z2ExdE80R2RzX2JENlB6Rll1bkM5VWRWaFpMR0tvaXgxQkRJTUdSTVlOcFJVTTNYYzAtaHBxUDhVdkUySkJONDJWY3VrYmNPRU93WEJ4aThFTExOdlp3Wkw5Z3dTR2Z6ZC1qcnltTHZSLVg5TDdXSUNWTktGRUVRR2tKekg1NnZEdmtKSmJRVlZMaERCYmI2U29WVzd2SmItTFhydTV1NHh4bWQtWHZjVnd2VE1YSTlvZFdSSHh0S1R2ME95ZWJyeVJreTREcnZFc3F1ZlNVSXliT284RzJ4MUd1bWtwSmhZZHJ4RWQ1UEQxT29oS3NxYTk1UllQM0VIOUpOZkdybXhxeGp4V3RNSzBxY2w3dXYteDMxbHZKOXlDdlhUby1tTlB2LUd2V185b3RGWXNjY0w0YjlBX2x0d1pWd1RLcmExYlZMWmJUb1MwaU15YXlTSzJ3cW4wcGtLOG9xSWpRUGNkeERVd3M2Sk9IUkxOcjhKVVF6Si04aXJuek1ienBHVTN2SWlnRWlQaVJjT2V3V1lGblAtWkhPQXNUUG5mUGd4YlJZY05KU0UtQUF2N1hZX3dYM3g3Q2M5N2h5d3I0OFlEaEhoNPIC6AEIABIWOTUyOTA4NTI0MDg3MDE1Nzg1OTk1MBgAIAEolxUwQEABSAFQAWAKaABwgQ2QAQCYAQCoAQC4ATLAAf0OyAG2EfABAPgBthGAAv0OkQIAAAAAAADwP5kC7FG4HoXrwT%2BoAgCwAgHIAgTYAgD4AuM9gAOgAYgD2ASQAwKYAwGgAwG4A8ImyAMA0gMIMTEzODg1NDDgA%2BeIkF3pAwAAAAAAAAAA8AO2EfkDAAAAAAAAAACABAOJBOxRuB6F68E%2FwAQt0AQA2gQYOTUyOTA4NTI0MDg3MDE1Nzg1OTk1MCAx4AQA8AQB%2BAIUiAMAkgMEMDEzYpgDAaADpMAcqAMAugMOMTM4LjE5OS4xMS4xMTQ%3D
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
wp.gif
elb.the-ozone-project.com/ Frame 2E64 		0
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/wp.gif?currency=USD&seat_id=&request_id=b42770c4-b63a-40d4-bf27-65df5c643584&adunit=1002-6373734998fb531abee85aca&size=160x600&adomain=%5Bgilt.com%5D&imp_id=5468a6fe5097ff2&auction_id=&bid_id=9529085240870157859950&crid=2711_64_11388540&price=1.917&seat_name=triplelift-1&publisher_id=OZONEVEN0005&dealid=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:26 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 30 Jun 2024 22:34:26 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89c19fadcf508c2f-EWR
content-length
0
expires
Wed, 11 Nov 1998 11:11:11 GMT
notify
tlx.3lift.com/s2s/ 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=1.917&ts=1719786865&aid=9529085240870157859950&ec=2711_64_11388540&n=Gt0FaHR0cHM6Ly9ydGIudXM1LnVzLmNyaXRlby5jb20vdHJpcGxlbGlmdG9ydGJiYW5uZXIvYXVjdGlvbi9ub3RpZnk%2FcHJvZmlsZT0yNzgmaW1wPVlRMFpUMzdpQWlJUjBXbFEzd3d0LU10TWdGQkIwSlM4ZUpfQkNhRDFRUFVQaXJuTzQtcUJwREJaVS1FVXdqeVp5M2ZnRkljT3VidmxhRFNYUGFKeEhNNUFoamZIRzVvRkpCVy1xVlkyWjhHT0N2TXBrU0RZZ3RSa0pkanRzUThfQ0N4RFNnYzVIdEVEeDZzaGdDT1hsX2xwbGIyb3l0MFJxenNSRTI4YjlGQUQ1dEN3aHpBY0VMa3p1XzNoczZsQUs0bjE3Z2ExdE80R2RzX2JENlB6Rll1bkM5VWRWaFpMR0tvaXgxQkRJTUdSTVlOcFJVTTNYYzAtaHBxUDhVdkUySkJONDJWY3VrYmNPRU93WEJ4aThFTExOdlp3Wkw5Z3dTR2Z6ZC1qcnltTHZSLVg5TDdXSUNWTktGRUVRR2tKekg1NnZEdmtKSmJRVlZMaERCYmI2U29WVzd2SmItTFhydTV1NHh4bWQtWHZjVnd2VE1YSTlvZFdSSHh0S1R2ME95ZWJyeVJreTREcnZFc3F1ZlNVSXliT284RzJ4MUd1bWtwSmhZZHJ4RWQ1UEQxT29oS3NxYTk1UllQM0VIOUpOZkdybXhxeGp4V3RNSzBxY2w3dXYteDMxbHZKOXlDdlhUby1tTlB2LUd2V185b3RGWXNjY0w0YjlBX2x0d1pWd1RLcmExYlZMWmJUb1MwaU15YXlTSzJ3cW4wcGtLOG9xSWpRUGNkeERVd3M2Sk9IUkxOcjhKVVF6Si04aXJuek1ienBHVTN2SWlnRWlQaVJjT2V3V1lGblAtWkhPQXNUUG5mUGd4YlJZY05KU0UtQUF2N1hZX3dYM3g3Q2M5N2h5d3I0OFlEaEhoNPIC6AEIABIWOTUyOTA4NTI0MDg3MDE1Nzg1OTk1MBgAIAEolxUwQEABSAFQAWAKaABwgQ2QAQCYAQCoAQC4ATLAAf0OyAG2EfABAPgBthGAAv0OkQIAAAAAAADwP5kC7FG4HoXrwT%2BoAgCwAgHIAgTYAgD4AuM9gAOgAYgD2ASQAwKYAwGgAwG4A8ImyAMA0gMIMTEzODg1NDDgA%2BeIkF3pAwAAAAAAAAAA8AO2EfkDAAAAAAAAAACABAOJBOxRuB6F68E%2FwAQt0AQA2gQYOTUyOTA4NTI0MDg3MDE1Nzg1OTk1MCAx4AQA8AQB%2BAIUiAMAkgMEMDEzYpgDAaADpMAcqAMAugMOMTM4LjE5OS4xMS4xMTQ%3D&b=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.218.122.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-122-15.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&pr=un&bc=AAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=2230&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252FkNQn%252Fdownload%252FvsSiRq5nSWrx&rr=creative&fid=10&rb=0&g=0&tmplid=295279&cb=45963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&peid=1&fid=10&tid=0&cb=51449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dyn
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=230710&string1=9529085240870157859950&string2=gpp_new&cb=15746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 2E64 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 02:17:53 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
72994
x-amz-cf-pop
EWR53-C1
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
QzNKh0_p4fRfhSek4kxuWXlLAu3I58p9Fbls93JuzHd12Idv_IjXPw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 2E64 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-3.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 02:17:53 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
72994
x-amz-cf-pop
EWR53-C1
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
bjJGl1ZA7IZbThnxoS3uxmqgbfbwZWBeOSOrQFl3EpZgiLDxOol73g==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&cta_render_method=1&cta_render_text=&cb=84482
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
afr.php
ads.us.criteo.com/delivery/r/ Frame 30FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=AAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA==&u=%7CFv7Snq6q1BZZfq2ZQ%2F0iz%2FQBxVWsbRNvv9cILcDo6k0%3D%7C&c1=mOd7Dh6zPV9mKlrlwmXIua1g3rBCPs9d9REyMlMVKNiOz8HOlEeHsJ6iinoKMhc8o2wjeGJ2lAIk3kCebAqrOtXxc5j0ut4AxU1H0qOKYDfbMRwHRH6WNP4dqy--PhrxT9l-vVYFyfh8YoyWMa3TemT14jl5rO3m_QVHskHJyY4S6LcPpnkIbqwxlAlbESru4KOScNz-lLfIiB2ZDJbTpMXtQFAhBElvQJrC4oH1wMXqCjfYGOys89nbfblYuujRCnMPjNgf40OJL0g3hwRvA9fVGCSZUDc5WYoDMPNYpCHujUSVShlaDJyD8mxQr5xxvYIwoWgyUYbnQwTpWZDpzV7KIMyUtXPw9AhnT_lHMwbC2AjImtGPRAXEXoUjaIoSNnTdjLITGbsdZbZXEUa5CQZ-aX_nunSJKFowUnryPIGtobrYVMxGFJ689mpkbg2kmlDd5d5FbR6SZucYzdMBS_3rJYdaaDzz7xO6puQbC-dPCEiJS1of4e57OlvTtuMyJegevDSuiCil8dro4fjIAt7b4Puf8nXxTEkiRGI0JP8CYg4tQ97KYXiI86ZDXrWZYgkMHf3N5F-SLXbOoBIGq21S-E_pJpZ8iUXTz8sgsj-eB4gkpqSn7iO7SmGBQBzh6tCSfFHRAhfRTD20vfAxB3ySaaHET4972aSNC3ishJ0&ct0=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dvenatusmedia_RON_HDX_PrebidServer%26aid%3D9529085240870157859950%26rev%3Dcde9106%26pr%3D1.917%26bc%3DAAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA%253D%253D%26bmid%3D2711%26biid%3D7907%26sid%3D64%26brid%3D1665%26adid%3D11388540%26crid%3D195298407%26ts%3D1719786865%26bcud%3D2230%26ss%3D20%26dmp_ids%3DCi5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%253D%253D%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D24923%26rdir%3D
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.25 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 22:34:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Bchc2JuaBpPzdDoRxfLhTKaib5U0pqmyxoj-qfhvYSVdKzY8mLcMq6JmGyc5kKDeI1DgNSxjFp2EQiV3AMWcGWcj9D4kxTj5ynci0HeOXkSMUZw6h-40HvLYbvVzj74mRiw6q8gCN7XR_XVykmYFQ1AuapEzBU25Vjd4X2jOH0dTMhGEX-Gf0GlM4DskD1d83t_RKDS1ANnzxgWSr9tUCgKtd5oisbeCEjnd5uzm3NIoBQJM4vzPr7fwToFa3emb8rrnzQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
104772481
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&pr=un&bc=AAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=2230&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&domain=www.file.io&ref=https%253A%252F%252Fwww.file.io%252FkNQn%252Fdownload%252FvsSiRq5nSWrx&rr=creative&fid=10&rb=0&g=0&tmplid=295279&cb=86379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dr
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dr?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&disclosure_render_method=3&disclosure_render_text=Learn%20more&cb=25740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame 9124 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&gdpr=false&gpp_sid=-1&cb=11559
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1262
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.131.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:26 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
track
track.venatusmedia.com/dfp/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dfp/track
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.131.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-131-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:26 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&pr=1.917&bc=AAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=2230&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&cepos=0&ceid=0&cb=65723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDHHn1rO085n8ALhem2NknM9nTtJlxMon0HLn5B4Wi1qQTxl2Jkeji5JtTDEXToAeo1qYA1Y0FZXfYWazuzsIIdQI20QLkVz9RYfaVkf9w8O8gKQHWflxmX13arJDhccaY6A1Tdd7pcY_3iJ42U-vSyWsx0am8iaZdsdPQQYYXdWFgVwt5bvQZuIuHDZGz4pVYXuZsA5kS5fqyl3z8Pe7oJdacru1NjreQippbfBYU4LD7tBd9MfaxgLNE67skUx3yhsFlCQ15o7mjae1LJDZxWhAns0UFcgRWqgUE25nxzDYjYR2WplFoRM8RJHviYt2x4pVNXp5QJXWjd8s9sYOM9j5-tvtx_wfgL36uQ4WTvgEfJLLgrimB7coW9j75nXtcQdDmsurVtlR9eh7_DfHtEuykzbOxdwrk5oA1U2mRSOUfjajTiXO7aFUyAg&sai=AMfl-YR-4HRCF4evGqDYyxp90-mmjHyAeMQcpv0t0q1yGu5p6aOaJwYzO5teXIdd7EcRcJ_SF1V8lXQlgy6UogR7itd3UeL3CLsfTwEue_afrycjrpPyUTWdmcgZLS48TrdfLtOJHF8SaXN4QqG1zJ_J-gb7xG8jk_w9fkG_5CEBS3e2xrjq&sig=Cg0ArKJSzGAYPfJ3K-eREAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Jun 2024 22:34:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 165D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 165D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRjpHkElQV10fJXntrwDB_uxiYdIyRp_A9kiRmgtndh3xXIW7j_fmJpMu42LMyC0U-abKDQltRk-MkLUOT2sU8GlHmAKJMJEDqXFg4NzXCeF_30_cnVzgbv-cpxdCn5jThWVLQBQh7NxXs-8NZZCMT_B-tOd03FbMjKmZRjLaqyZVHaSUAJVn_zzKqxntWcCq1h62oaye34NzKoGfRavRDOaBwgbGN7L_i7N59oSMA6VDR9BfEeyiljrpYfAFJcDqV6YCZ0le_C-xtUpeZG2lB6k9k82p71fI5LHeG1F-6fkCMosECgaqLIfj4PXXBYSnN3EwreovvsvVWBLZh8Rvn0KA5Xo-HdkYja4MDQnVUYrQ6HC1b-U8rJqP-W4vcbdn3Bmawf0rVcbp9jH6OYqytbzD3uIaAdWdFuykNhusRQI0RRU60_6evBDqJBA&sai=AMfl-YSH8E5yaojR8P5kjR-MUAhaUEqK4UFllJqP9um3BmE8_IvenUWjBGtO5bdXhOG_OAflu06hYGpYLlGqTQm03clp0JogCCW5bqKW7GHzE51nIQMXfdk5bhhduJLLMctRDSgmI0nPA1eQacFsAV32p3-_fkf1Sl6FVoBb1z_egXftGOZkUpobGhm90cIKnciKuTslWkENPihwBRCil7WYACqnRebXebUXSieIpth_C7BJxEU&sig=Cg0ArKJSzC4aZZ8KRJQFEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&adurl=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Jun 2024 22:34:27 GMT
page-data.json
www.file.io/page-data/about/ 		0
657 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:24:37 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
1YYX88665ZW4A7HQ
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
4190
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
l8Eoz6MzGyyhB1ZRMxUYS11R5xqcOoTzHcZEGTT2ZzYwx532I42RlnMv2cXeajl2JNGePtSCPgg=
last-modified
Tue, 21 Nov 2023 16:38:11 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
BR4DAm8-Fj9qlOWZpLkrhQjLGczU_VyydWp-b6DfBE2f5vvD2b1pBA==
page-data.json
www.file.io/page-data/signup/ 		0
662 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:27:14 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
1GGMR59T95C416TT
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
50834
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
ga6rEWx060FtISNv8ruwt2JECf0XbgnJv1r/cyGplmA/23rIzaqh87fASSuqp7rPmd810C7iGswuWZQxFkxlOd2IhCZTR2TI
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
jDTjv8cRorjrgyADOo0t_DI8_-1sxDjhN02e1ERaEqySS0X64LexCg==
page-data.json
www.file.io/page-data/developers/ 		0
675 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 09:20:03 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
2SFVTWY6SERAG3PF
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
47665
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
+V601dw1xuG/VbDOV7+bMyY4goyCe5ol1YVfqPXoKfSjV3LfmJ3mkFegxGEBoGi1na9BxoVt/No=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
5Zez8ECR-eHXZ4DWOdiZg6nizDKkacJmnH3a7LNeDNtSYA8DsSRW9A==
page-data.json
www.file.io/page-data/plans/ 		0
653 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 09:33:26 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
EW7VKR3EQHD13EZF
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
46862
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
4Nb8wV/lUVQZv8kmeneLPJTzxyV5zuNcy1ObSKGpn8wnMqjYYho+ssf1T2pizLzWCEDaFCLVhWA=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
j-YhE6ksfvnv_Iajr625_r0fZB6m0HKGfowM4NFyo6Q6-h1mcm36iA==
page-data.json
www.file.io/page-data/developers/ 		163 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/developers/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 09:20:03 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
2SFVTWY6SERAG3PF
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
47665
x-cache
Hit from cloudfront
content-length
163
x-amz-id-2
+V601dw1xuG/VbDOV7+bMyY4goyCe5ol1YVfqPXoKfSjV3LfmJ3mkFegxGEBoGi1na9BxoVt/No=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"d7bc956a5292f7440e9ca53e421dd579"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
5Zez8ECR-eHXZ4DWOdiZg6nizDKkacJmnH3a7LNeDNtSYA8DsSRW9A==
page-data.json
www.file.io/page-data/about/ 		147 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/about/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:24:37 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
1YYX88665ZW4A7HQ
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
4190
x-cache
Hit from cloudfront
content-length
147
x-amz-id-2
l8Eoz6MzGyyhB1ZRMxUYS11R5xqcOoTzHcZEGTT2ZzYwx532I42RlnMv2cXeajl2JNGePtSCPgg=
last-modified
Tue, 21 Nov 2023 16:38:11 GMT
server
AmazonS3
etag
"cfb91ae7cd0473e276a9361907a683fc"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
BR4DAm8-Fj9qlOWZpLkrhQjLGczU_VyydWp-b6DfBE2f5vvD2b1pBA==
page-data.json
www.file.io/page-data/plans/ 		141 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/plans/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 09:33:26 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
EW7VKR3EQHD13EZF
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
46862
x-cache
Hit from cloudfront
content-length
141
x-amz-id-2
4Nb8wV/lUVQZv8kmeneLPJTzxyV5zuNcy1ObSKGpn8wnMqjYYho+ssf1T2pizLzWCEDaFCLVhWA=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"1022652c2bef86b84cb16cd11c50b2ca"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
j-YhE6ksfvnv_Iajr625_r0fZB6m0HKGfowM4NFyo6Q6-h1mcm36iA==
page-data.json
www.file.io/page-data/signup/ 		137 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/signup/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 08:27:14 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
1GGMR59T95C416TT
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
50834
x-cache
Hit from cloudfront
content-length
137
x-amz-id-2
ga6rEWx060FtISNv8ruwt2JECf0XbgnJv1r/cyGplmA/23rIzaqh87fASSuqp7rPmd810C7iGswuWZQxFkxlOd2IhCZTR2TI
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"68baf9ac2f5dcaef64744f1f45d71de0"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
jDTjv8cRorjrgyADOo0t_DI8_-1sxDjhN02e1ERaEqySS0X64LexCg==
component---src-pages-about-js-d5659205ab31e042f35a.js
www.file.io/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-about-js-d5659205ab31e042f35a.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 07:34:20 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
2FGBXF3Y1TN5F4M0
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
2646008
x-cache
Hit from cloudfront
x-amz-id-2
/2ChDY/fYGK7XGYlRGMq8gVpaxdPdMNaY7Y4b+ooNvle/lFWKgYdt0CyjT8OYWJUciZCRenNcmY=
last-modified
Tue, 21 Nov 2023 16:38:06 GMT
server
AmazonS3
etag
W/"427e2ebf785382e93e1575e427b3970a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
TRjh_ScnMwj8xwXzM9m8qgWHpyHe__epq5vnJ4T5izE1B06NlmM8ow==
component---src-pages-plans-index-js-a1b4f4dd8917abd3cd24.js
www.file.io/ 		0
967 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-plans-index-js-a1b4f4dd8917abd3cd24.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 Nov 2023 16:54:37 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
F9YKVKZ3QP2XX2X1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
19114791
x-cache
Hit from cloudfront
content-length
473
x-amz-id-2
o3iGsTu9APx8ig4hbhP7tN6bsb76h7mM/AFxfBQ6pHbBhvh/0dvTmkHgRVygn1lMConeUoUKq1M=
last-modified
Tue, 21 Nov 2023 16:38:08 GMT
server
AmazonS3
etag
"7145b9473a208226d7636a9a75abd75c"
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
A09kDJ2Z1JYdSH8fxsSYOufIYaODMrr0xdg_9NSMR-UVySzuwK8GWg==
component---src-pages-developers-index-js-a7859f6a3a3afc3f07c9.js
www.file.io/ 		0
163 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-developers-index-js-a7859f6a3a3afc3f07c9.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 05:06:49 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
HVBTJHDA32HHSQV1
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
5851659
x-cache
Hit from cloudfront
x-amz-id-2
Rfv6x0WHxjW/NwM7ks/8Ya/IjunsyFImlShfL4OjcAwfG7S8psgzIITTNujf5fFFuMLi8zAox+Y=
last-modified
Tue, 21 Nov 2023 16:38:07 GMT
server
AmazonS3
etag
W/"1b4fa957d78fef16878e49afd25feb5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
5g3RdqT_s6iTVorCTiRQmpXm8BW_AMGW1QvBjZrZZh1DPE5gZgrG4g==
component---src-pages-signup-js-fd1b49bd14e389fae668.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-signup-js-fd1b49bd14e389fae668.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Dec 2023 10:06:27 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
HK2DXMG7PE9YG9M9
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
15856080
x-cache
Hit from cloudfront
x-amz-id-2
0CamyXo686Cd172uNRLvsL22qIzZHhosf33ikSoO5RCsnl0NlAUN8EEA4O5/o7SVZI6LaFjaAAU=
last-modified
Tue, 21 Nov 2023 16:38:09 GMT
server
AmazonS3
etag
W/"ff348576400c36f50f410e7387c7ce32"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
VsUfoLT0xs9cE-c0WI9aGhLW1RZO7oK81nVmFdnd_e6fLarFwMgUVA==
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=39363111554813127848211&rev=cde9106&pr=3.612&bc=AAABkGtJAsInPOg57gWSGPupeM7JpmS0SUQGbQ%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=4200&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&cepos=0&ceid=0&cb=77094
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
fire.js
s.cpx.to/ 		43 B
620 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&hn_ver=76&fid=1b8e730c-2613-442e-a134-3661b5c35220&dsp=pub_common&dsp_uid=fb85143a-d891-4f7b-ac6f-d4f679baf904&dsp=TTD&dsp_uid=4b61e104-667d-4651-90cf-d90331841c7e&dsp=app_nexus&dsp_uid=5167546006793024041
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.55.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-55-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fc403cbd4ade5637b8d40b560048594868cf987b378c1e71337fd25f8481d8de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Jun 2024 22:34:31 GMT
observe-browsing-topics
?1
vary
Origin
p3p
CP="NOI DEV ADM"
access-control-allow-origin
https://www.file.io
access-control-allow-credentials
true
content-length
43
expires
Sun, 30 Jun 2024 22:34:31 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=venatusmedia_RON_HDX_PrebidServer&aid=9529085240870157859950&rev=cde9106&pr=1.917&bc=AAABkGtJBJJi3BR40P7WVjLGphUY_uuacpRowA%3D%3D&bmid=2711&biid=7907&sid=64&brid=1665&adid=11388540&crid=195298407&ts=1719786865&bcud=2230&ss=20&dmp_ids=Ci5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4EjEKCXB1YmNvbW1vbhIkMjQyYmM2YjctZTIyMC00YThlLWIyNzUtZDM2YzlmYzJjNTA4EjgKA2xybRIxWFkyNjkwSFZ4SWpBRHpCdGtUQ1F2M0toUjlMVEhkSjJ4endpejZRR0JydlJCbXJFVQ%3D%3D&unid=0&cepos=0&ceid=0&cb=85469
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 30 Jun 2024 22:34:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
254565
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0&b=1&g=gQJgHVs3yYlumMrYytNwRmWZoS8NJfVAZKOkFbhYXUw%3D
42 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0&b=1&g=gQJgHVs3yYlumMrYytNwRmWZoS8NJfVAZKOkFbhYXUw%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:29 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 30 Jun 2024 22:34:29 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.file.io
location
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=8.38.0&coppa=0&b=1&g=gQJgHVs3yYlumMrYytNwRmWZoS8NJfVAZKOkFbhYXUw%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ 		325 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.file.io%2F&domain=www.file.io&cw=1&lsw=1&gdpr=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c45bab8ef64de3fb489a29cce849b32856df092bbebe55b21551705ddf333485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
615846
expires
0
prebid
id5-sync.com/api/config/ 		167 B
444 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f109fb86a2063da780a15199ec713f0446549160684bc05c3ef6829652dd428d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
42216924c4617484773478a725bcce3ef169766044d3e0f5b0923aa110e9b59d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 30 Jul 2024 22:34:28 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
213 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid&t=1&src=id&gdpr=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d95141288765628f6b70a23af724709cfcae903e9907d65552dc38fd5ff2dc5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:28 GMT
content-encoding
br
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
89c19fb8b9c24378-EWR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
sync
eb2.3lift.com/ Frame 6F20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1277
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:28 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 713E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=137391
content-encoding
gzip
content-length
5492
content-type
text/html
date
Sun, 30 Jun 2024 22:34:28 GMT
expires
Tue, 02 Jul 2024 12:44:19 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
sync.a-mo.net/ Frame 1B5D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=Ct8BSgt3d3cuZmlsZS5pb1ILYWFzLTY0Y2RkNzNaCHBiYTEuMy40agt3d3cuZmlsZS5pb_oBBjguMzguMOgCAYgD8bqHtAaoAz7qAyRjNDA0M2Y4Yi0wMGM0LTQ4MzAtYjQ1Ni1mOTFhMjc1MWUwNDaiBC5odHRwczovL3d3dy5maWxlLmlvL2tOUW4vZG93bmxvYWQvdnNTaVJxNW5TV3J4qgQDRENIsgUDVVNE6gUHZGVza3RvcPoFBGRjMTPABgDIBgGqBwN3ZWLKBwdmaWxlLmlv4AcBgggHZmlsZS5pbw
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.77 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
656
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:28 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
load-cookie.html
elb.the-ozone-project.com/static/ Frame 0D49 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=242bc6b7-e220-4a8e-b275-d36c9fc2c508&publisherId=OZONEVEN0005&siteId=3500000651&cb=1719786865383&bidder=ozone
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89c19fbf3fc74384-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:29 GMT
expires
0
last-modified
Wed, 26 Jun 2024 09:16:12 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7504 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.194 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-194.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 30 Jun 2024 22:34:44 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 01 Jul 2024 22:34:46 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
isync
visitor.omnitagjs.com/visitor/ Frame FF75 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.45.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-45-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1592
content-type
text/html; charset=UTF-8
date
Sun, 30 Jun 2024 22:34:44 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
12
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=b8a4102d-9c60-4f84-b8b7-370dd00c0149&google_hm=YjhhNDEwMmQtOWM2MC00Zjg0LWI4YjctMzcwZGQwMGMwMTQ5&...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB9b_c-tF3UI10qQO6VX_sE&google_cver=1&ssp=sonobi&bsw_param=b8a4102d-9c60-4f84-b8b7-370dd00c0149&gdpr_consent=&gdpr=0
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=b8a4102d-9c60-4f84-b8b7-370dd00c0149&gdpr=0&gdpr_consent=&us_privacy=
49 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=b8a4102d-9c60-4f84-b8b7-370dd00c0149&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=b8a4102d-9c60-4f84-b8b7-370dd00c0149&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 30 Jun 2024 22:34:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&gdpr=0&gdpr_consent=
49 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Jun 2024 22:34:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907238879410232
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907238879410232
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:44 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=968907238879410232
Date
Sun, 30 Jun 2024 22:34:44 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=if&nuid=77b36681-dd77-4300-83b5-9a5fcf6194d3
49 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=if&nuid=77b36681-dd77-4300-83b5-9a5fcf6194d3
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Jun 2024 22:34:31 GMT
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 1637 26565ec master ord ord-pixel-x54 config_version:"691"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=if&nuid=77b36681-dd77-4300-83b5-9a5fcf6194d3
Cache-Control
no-cache,no-store,must-revalidate
Keep-Alive
timeout=360
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=VD1qssKFVsF4nEwfqpQz9orHC3I
49 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=VD1qssKFVsF4nEwfqpQz9orHC3I
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=VD1qssKFVsF4nEwfqpQz9orHC3I
Date
Sun, 30 Jun 2024 22:34:31 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=nuAFk8yyCpCF4AiRzbUQwMq3WcCF4wXGzec3C7Ed
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=nuAFk8yyCpCF4AiRzbUQwMq3WcCF4wXGzec3C7Ed
Protocol
H2
Server
34.235.229.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-229-79.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=nuAFk8yyCpCF4AiRzbUQwMq3WcCF4wXGzec3C7Ed
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ssbsync.smartadserver.com/api/ 		0
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=4b61e104-667d-4651-90cf-d90331841c7e&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=4b61e104-667d-4651-90cf-d90331841c7e&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.235.229.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-229-79.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=4b61e104-667d-4651-90cf-d90331841c7e&gdpr=0&gdpr_consent=
date
Sun, 30 Jun 2024 22:34:28 GMT
server
Kestrel
content-length
323
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=hbDjNKd6WcpVc3W83Br5KsK7hQWTjn6eL0mSjKoVO7U&pi=sonobi&tc=1
49 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=hbDjNKd6WcpVc3W83Br5KsK7hQWTjn6eL0mSjKoVO7U&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:30 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-22
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=hbDjNKd6WcpVc3W83Br5KsK7hQWTjn6eL0mSjKoVO7U&pi=sonobi&tc=1
pragma
no-cache
date
Sun, 30 Jun 2024 22:34:29 GMT, Sun, 30 Jun 2024 22:34:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookiesyncredir
bttrack.com/pixel/ 		35 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.67.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Sun, 30 Jun 2024 22:33:49 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=4071189e-3a8f-4452-a438-7ba74a6daf36&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U2N4dElKT21Zb1dtZ0tsTlZ0cmlhZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELxT9POFQ4UXtc7mDIl18EU&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELxT9POFQ4UXtc7mDIl18EU&google_cver=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f4dd65db4-4tq6p
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELxT9POFQ4UXtc7mDIl18EU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=4b61e104-667d-4651-90cf-d90331841c7e&pubid=116da9d98c
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=4071189e-3a8f-4452-a438-7ba74a6daf36
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3061&partner_device_id=4071189e-3a8f-4452-a438-7ba74a6daf36
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=19f61bb4-b019-43aa-8c98-1ee7f72bf108%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4b61e104-667d-4651-90cf-d90331841c7e&ttd_puid=19f61bb4-b019-43aa-8c98-1ee7f72bf108%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4b61e104-667d-4651-90cf-d90331841c7e&ttd_puid=19f61bb4-b019-43aa-8c98-1ee7f72bf108%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4b61e104-667d-4651-90cf-d90331841c7e&ttd_puid=19f61bb4-b019-43aa-8c98-1ee7f72bf108%2C%2C
date
Sun, 30 Jun 2024 22:34:30 GMT
server
Kestrel
content-length
359
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e52a25dff4cb420d988e54a6f675994f6771bdd61906ed4bfb06418761f3649f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
258.json
id5-sync.com/g/v2/ 		580 B
991 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f54a35a0864bbb5c6162283c63965101f951386e1414f5ce4e080a7399c4b51d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Jun 2024 22:34:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.file.io
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
page-data.json
www.file.io/page-data/login/ 		0
665 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 10:41:38 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
42G21TEETXCKYRH0
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
42773
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
NnAL6gAwFNRXqdgQ1DrhQld8tdhWLiSqh+JWoQ+ipzOw8W+OhlFXEbYJL554bSwkzSJqR+nGJG6d4niKz2MtcAY7U4O1MRHT
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
QGzNODb4PthRLvQVOUtr5P_7WgXSXaRll-z0-h7fRL9tbPEpWD1uIQ==
page-data.json
www.file.io/page-data/index/ 		0
666 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Origin
https://www.file.io
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 17:59:58 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
E4T3JSJPADB11BV5
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
16473
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
rSIy0Q0pCnERVcrh98kmXoWxTdhjCaj9addbztvqAGVLcvBv459TxkWQcKJ5pWn/w74zZx89zks=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
pJPtaCYnZj2vJ79e7jdEXV7aGXmzkqc4Z-zsBt5BttIeSP8uClSzZg==
page-data.json
www.file.io/page-data/login/ 		135 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/login/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 10:41:38 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
42G21TEETXCKYRH0
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
42773
x-cache
Hit from cloudfront
content-length
135
x-amz-id-2
NnAL6gAwFNRXqdgQ1DrhQld8tdhWLiSqh+JWoQ+ipzOw8W+OhlFXEbYJL554bSwkzSJqR+nGJG6d4niKz2MtcAY7U4O1MRHT
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"4f561e1f747160f0e60849c13facafec"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
QGzNODb4PthRLvQVOUtr5P_7WgXSXaRll-z0-h7fRL9tbPEpWD1uIQ==
page-data.json
www.file.io/page-data/index/ 		154 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.file.io/page-data/index/page-data.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 17:59:58 GMT
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
E4T3JSJPADB11BV5
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
16473
x-cache
Hit from cloudfront
content-length
154
x-amz-id-2
rSIy0Q0pCnERVcrh98kmXoWxTdhjCaj9addbztvqAGVLcvBv459TxkWQcKJ5pWn/w74zZx89zks=
last-modified
Tue, 21 Nov 2023 16:38:12 GMT
server
AmazonS3
etag
"401beb30f0318595986e0b5ab983a5ad"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=86400
accept-ranges
bytes
x-amz-cf-id
pJPtaCYnZj2vJ79e7jdEXV7aGXmzkqc4Z-zsBt5BttIeSP8uClSzZg==
component---src-pages-login-js-93413dd2e63f89832306.js
www.file.io/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-login-js-93413dd2e63f89832306.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 17:28:04 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
QD7X9SH7K41B0K6B
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
5461587
x-cache
Hit from cloudfront
x-amz-id-2
HnhZO6vl1f+mjXoyGordLJgzOMnsKOqXjrSKe36ujrWLT/+ubOJDCInZopLSzlxYtEW1mjEND2o=
last-modified
Tue, 21 Nov 2023 16:38:08 GMT
server
AmazonS3
etag
W/"0d7acf561dc45f8157c63d8060b79093"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
tuqLcbRTCvD1aumLadx9fhVgwkyWmk2vPfGIA_Do9k0W5gFMIKgDdg==
component---src-pages-index-js-7c9738f2f01d69461917.js
www.file.io/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file.io/component---src-pages-index-js-7c9738f2f01d69461917.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/kNQn/download/vsSiRq5nSWrx
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Jan 2024 08:29:54 GMT
content-encoding
br
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
x-amz-request-id
J157AY6WQ1MEDF4T
x-amz-cf-pop
JFK52-P5
x-amz-server-side-encryption
AES256
age
14825077
x-cache
Hit from cloudfront
x-amz-id-2
EKJ9ic6zu892iOxOY8JSdoztzpE2HNb6l+JPD4DZLb09O85VnFIbyrHLuCJjNvhNzAQBsVc23ag=
last-modified
Tue, 21 Nov 2023 16:38:08 GMT
server
AmazonS3
etag
W/"deb0e4da83ab96b61be0acee8e705b59"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
YBZolUjIXOqV2-I4uaiMmFnaqFL8W0ick2X-koTyoyyVppoWxlSkMg==
sync
s.cpx.to/
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=34010&customParamenters
  • https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LY24P6VR-24-5ML&customParamenters=
0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LY24P6VR-24-5ML&customParamenters=
Protocol
H2
Server
54.228.55.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-55-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sun, 30 Jun 2024 22:34:34 GMT
date
Sun, 30 Jun 2024 22:34:34 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

Location
https://s.cpx.to/sync?dsp=rubicon&dsp_uid=LY24P6VR-24-5ML&customParamenters=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
91c229169a155ea648dbc4d59ef8a3c5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEH3eEmdqjUVI6dVjx2w_saE&dsp=dbm&google_cver=1
0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEH3eEmdqjUVI6dVjx2w_saE&dsp=dbm&google_cver=1
Protocol
H2
Server
54.228.55.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-55-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sun, 30 Jun 2024 22:34:34 GMT
date
Sun, 30 Jun 2024 22:34:34 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESEH3eEmdqjUVI6dVjx2w_saE&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=850a8f89-9b8c-416b-a7df-673193ba1fff
0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=850a8f89-9b8c-416b-a7df-673193ba1fff
Protocol
H2
Server
54.228.55.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-55-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sun, 30 Jun 2024 22:34:34 GMT
date
Sun, 30 Jun 2024 22:34:34 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

date
Sun, 30 Jun 2024 22:34:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=850a8f89-9b8c-416b-a7df-673193ba1fff
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=6BD50DD9-CA19-4183-ADFE-249F4E5428CF
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=6BD50DD9-CA19-4183-ADFE-249F4E5428CF
Protocol
H2
Server
54.228.55.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-55-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sun, 30 Jun 2024 22:34:34 GMT
date
Sun, 30 Jun 2024 22:34:34 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=6BD50DD9-CA19-4183-ADFE-249F4E5428CF
date
Sun, 30 Jun 2024 22:34:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KDJB5247JB&gtm=45je46q0v9119119180za200&_p=1719786864120&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=641649692.1719786864&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1719786864&sct=1&seg=0&dl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&dt=Download%20%7C%20file.io&_s=2&tfd=7576&_z=fetch
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
288
p.ad.gt/api/v1/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/288
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b324ac1e13644992d861fd2643c14699dca7eba929b7151f04417612f190da70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 30 Jun 2024 22:26:17 GMT
server
cloudflare
age
245
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89c19fe50889c3fd-EWR
halo_match
ids.ad.gt/api/v1/ 		43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&halo_id=060f9iig7b968dhjjjj8kgiic898ff9a6ijo6uuq2g604kswwww4yquui464oo6e0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:34 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&adnxs_id=5167546006793024041&gdpr=0
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&adnxs_id=5167546006793024041&gdpr=0
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:34 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
an-x-request-uuid
08d1eb48-582d-4981-8d1b-08ac5b47166c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&adnxs_id=5167546006793024041&gdpr=0
x-proxy-origin
138.199.11.114; 138.199.11.114; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001719786873-6XXAS4HK-CWM6&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=4b61e104-667d-4651-90cf-d90331841c7e&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=4b61e104-667d-4651-90cf-d90331841c7e&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:35 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=4b61e104-667d-4651-90cf-d90331841c7e&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
date
Sun, 30 Jun 2024 22:34:35 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001719786873-6XXAS4HK-CWM6
  • https://ids.ad.gt/api/v1/pbm_match?pbm=6BD50DD9-CA19-4183-ADFE-249F4E5428CF&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=6BD50DD9-CA19-4183-ADFE-249F4E5428CF&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:34 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=6BD50DD9-CA19-4183-ADFE-249F4E5428CF&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
date
Sun, 30 Jun 2024 22:34:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001719786873-6XXAS4HK-CWM6&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&rub=LY24P6VR-24-5ML&gdpr=0
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&rub=LY24P6VR-24-5ML&gdpr=0
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:35 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&rub=LY24P6VR-24-5ML&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
91c229169a155ea648dbc4d59ef8a3c5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001719786873-6XXAS4HK-CWM6&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001719786873...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D19f61bb4-b019-43aa-8c98-1ee7f72bf108%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5167546006793024041&pt=19f61bb4-b019-43aa-8c98-1ee7f72bf108%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&tapad_id=19f61bb4-b019-43aa-8c98-1ee7f72bf108
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&tapad_id=19f61bb4-b019-43aa-8c98-1ee7f72bf108
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:32 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

date
Sun, 30 Jun 2024 22:34:32 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&tapad_id=19f61bb4-b019-43aa-8c98-1ee7f72bf108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&google_gid=CAESECv82JKrL0-zOnyH3y4REUo&google_cver=1&google_ula=450542624,0
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&google_gid=CAESECv82JKrL0-zOnyH3y4REUo&google_cver=1&google_ula=450542624,0
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:34 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001719786873-6XXAS4HK-CWM6&google_gid=CAESECv82JKrL0-zOnyH3y4REUo&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001719786873-6XXAS4HK-CWM6
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxOTc4Njg3My02WFhBUzRISy1DV002
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxOTc4Njg3My02WFhBUzRISy1DV002
Protocol
H3
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcxOTc4Njg3My02WFhBUzRISy1DV002
date
Sun, 30 Jun 2024 22:34:34 GMT
server
nginx/1.24.0
content-length
453
content-type
text/html; charset=utf-8
colossus
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001719786873-6XXAS4HK-CWM6&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-...
  • https://ids.ad.gt/api/v1/colossus?cls_id=7f914aaa-9f97-4ffe-bff0-bf0ba1290bb3&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?cls_id=7f914aaa-9f97-4ffe-bff0-bf0ba1290bb3&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:35 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 22:34:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
http://ids.ad.gt/api/v1/colossus?cls_id=7f914aaa-9f97-4ffe-bff0-bf0ba1290bb3&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
onetag-sys.com/match/ 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=180&uid=AU1D-0100-001719786873-6XXAS4HK-CWM6&redir=https://ids.ad.gt%2Fapi%2Fv1%2Fonetag_match%3Fid%3DAU1D-0100-001719786873-6XXAS4HK-CWM6%26onetag_id%3D%5Bonetag_id%5D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
  • https://ids.ad.gt/api/v1/ppnt_match?uid=jtMniw1bYGBh&ev=1&pid=562316&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=jtMniw1bYGBh&ev=1&pid=562316&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
Protocol
H2
Server
44.239.184.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-184-8.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:34 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ids.ad.gt/api/v1/ppnt_match?uid=jtMniw1bYGBh&ev=1&pid=562316&id=AU1D-0100-001719786873-6XXAS4HK-CWM6
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f4dd65db4-s8rgn
expires
-1
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:24:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 30 Jun 2024 23:24:58 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 21:40:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 30 Jun 2024 22:40:33 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2ef3a4286faff633973c053b65a757db906d09239afbacfce62c5cca33df00d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90927
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Jun 2024 22:34:35 GMT
collect
a.ad.gt/api/v1/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:35 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
89c19fe56fe84269-EWR
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=a01175b5e4e39f0292d6039c8f3d339d&url=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&code=%27none%27
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
89c19fe57ebc427c-EWR
ui.js
player.avplayer.com/script/8.3/v/ 		401 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/ui.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
19ad3112b9e1c4418e64b5ab28b565ee92f4e437376e4c6f14c76b5206f1e8d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:41 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrST1Qxw1Wgqh3JIiuSuQXQf5lxb_7X0-RjEx1gioNQPNA_Ys9zOnO3IN8jb-ei6qcPnnzlMKXGlQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
91453
last-modified
Wed, 22 May 2024 07:27:42 GMT
server
UploadServer
etag
"554d4590a08f0d859ec734572a79625e"
vary
Accept-Encoding
x-goog-generation
1716362862037025
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=1I5sBg==, md5=VU1FkKCPDYWexzRXKnliXg==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=300
x-goog-stored-content-length
91453
accept-ranges
bytes
expires
Sun, 30 Jun 2024 22:39:41 GMT
sprite.svg
player.avplayer.com/script/8.3/v/assets/ 		15 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/sprite.svg
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
2175ad8124e9bcb46467b188eb1e2c04c911b791251e8354ff7d6dc344f4a2ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
image/svg
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:42 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoIdJEemHZ6wdFZl0RryIhJ_mRbS7JUdT_XTQ5Ctb2PDyWdQk7iPF7T4YBTXpYz0m7uKxdgdVlebg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
4953
last-modified
Wed, 22 May 2024 07:27:41 GMT
server
UploadServer
etag
"3a8007e7557cd539370e46505d3c0666"
vary
Accept-Encoding
x-goog-generation
1716362861492751
content-type
image/svg+xml; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=ZkunJA==, md5=OoAH51V81Tk3DkZQXTwGZg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, no-transform, max-age=300
x-goog-stored-content-length
4953
accept-ranges
bytes
expires
Sun, 30 Jun 2024 22:39:42 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 9F4F 		491 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
052982ec072f843935934487be0e2fc80143c086f0cc62e8e0a88a6f6518beec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 22:34:44 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ACJd0NrGQLnvOYPH2LxK8BQT3AobWnNXtV03t79lGwO9Eq4R3toYsHsZ6wECXNMOjGo8RofUZ1E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
145501
Last-Modified
Wed, 26 Jun 2024 06:53:46 GMT
Server
UploadServer
ETag
"159b955844839c67dbbbffc03fc7c1e2"
Vary
Accept-Encoding
x-goog-generation
1719384826485233
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=o5buUA==, md5=FZuVWESDnGfbu//AP8fB4g==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
145501
Accept-Ranges
bytes
Expires
Sun, 30 Jun 2024 22:49:44 GMT
VenatusLogoVideoPlayer.png
play.aniview.com/5f2063121d82c82557194737/649e849ff783dea147003ee4/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.aniview.com/5f2063121d82c82557194737/649e849ff783dea147003ee4/VenatusLogoVideoPlayer.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.220.138.160 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-138-160.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
0e6793d503dab31054f9bd9fae79408db374713aa1b8524b678feb477e292b1e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 22:34:45 GMT
X-GUploader-UploadID
ABPtcPodreFjHqb0YKvN6jElPPfmtHjVlseL6HnEjpspfZwvWzbU1FTQfPqq3_gI49TsGmRjXprEPC25ZjWhExfdEpsg4w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
22280
Last-Modified
Fri, 30 Jun 2023 07:30:46 GMT
Server
UploadServer
ETag
"828ea356e578f2461851df4c764afce2"
Vary
Origin
x-goog-generation
1688110246115598
x-goog-hash
crc32c=S2ZCWg==, md5=go6jVuV48kYYUd9Mdkr84g==
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=1800
Access-Control-Allow-Credentials
false
x-goog-stored-content-length
22280
Accept-Ranges
bytes
Expires
Sun, 30 Jun 2024 23:04:45 GMT
large-poster.jpg
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/large-poster.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
73dcbada170d574260e860070597159c83851a7b526b0fba9dd497f1267a8254

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:41 GMT
x-guploader-uploadid
ABPtcPqDmCrnfNYHAhYPGmCCd3sDBe7LOS5GHreRtw4v6FUs4qsJrO2GKga6K5vdx9K8axvAf4dKLcRISzUnaKnflyn7J1jfmRrM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23486
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"bd3186ff36ffdfcf7f2ad985fa02f7ed"
x-goog-generation
1677153097278222
x-goog-hash
crc32c=tBzdQA==, md5=vTGG/zb/389/KtmF+gL37Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
23486
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 30 Jul 2024 22:34:41 GMT
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.file.io/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:41 GMT
x-guploader-uploadid
ABPtcPq-WZRJdGTFSO30h5l15Rh9ooc4xvm5i4FJexbXvSx3BJnHTGJj7xBnvwey2O-YH18gNmH2NclYtqnc5k0xdP5b
x-goog-storage-class
STANDARD
Content-Range
bytes 0-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
16354257
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
16354257
accept-ranges
bytes
expires
Tue, 30 Jul 2024 22:34:41 GMT
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		131 KB
132 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e19a30d7d8b2a0a2d1b061e0d63cf287ed9df54c77d521548783a0d21f37eb46

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.file.io/
Range
bytes=16220160-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:42 GMT
x-guploader-uploadid
ABPtcPq-WZRJdGTFSO30h5l15Rh9ooc4xvm5i4FJexbXvSx3BJnHTGJj7xBnvwey2O-YH18gNmH2NclYtqnc5k0xdP5b
x-goog-storage-class
STANDARD
Content-Range
bytes 16220160-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
134097
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
16354257
accept-ranges
bytes
content-type
video/mp4
expires
Tue, 30 Jul 2024 22:34:42 GMT
video.mp4
content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://content1.avplayer.com/5f2063121d82c82557194737/videos/63f7530d2bdf8c59ab0dcf13/63f7533bbdc449913e0a4913/video.mp4?AV_TAGID=6374f8665f2f007d23421195&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&AV_TEMPID=62f50abe103ae32adf5785c8&AV_PUBLISHERID=5f2063121d82c82557194737&av_qd1=611a1881cd22c87dcd063d22&videoId=63f7530d2bdf8c59ab0dcf13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.file.io/
Range
bytes=65536-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:42 GMT
x-guploader-uploadid
ABPtcPq-WZRJdGTFSO30h5l15Rh9ooc4xvm5i4FJexbXvSx3BJnHTGJj7xBnvwey2O-YH18gNmH2NclYtqnc5k0xdP5b
x-goog-storage-class
STANDARD
Content-Range
bytes 65536-16354256/16354257
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
16288721
last-modified
Thu, 23 Feb 2023 11:51:37 GMT
server
UploadServer
etag
"556c15db3f672c7aa373111276da5a0c"
x-goog-generation
1677153097681732
x-goog-hash
crc32c=q314DQ==, md5=VWwV2z9nLHqjcxESdtpaDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
16354257
accept-ranges
bytes
content-type
video/mp4
expires
Tue, 30 Jul 2024 22:34:42 GMT
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		398 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
go1.aniview.com/api/adserver/tag/ 		41 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=96775bfa-eca0-47d5-af5c-0eb43c6e6cba&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track4.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&AV_GPID=/5f2063121d82c82557194737/6374f8665f2f007d23421195/www.file.io&d36=6.2.218&responsive=1&sver=4&avtoken=884826&omv=1.0.1&AV_D65=GoogleSignals&AV_D66=8.5.6&clsid=933eb3f7-f764-4f30-927b-50603e609e09&rando=92&scnt=1&AV_WIDTH=440&AV_HEIGHT=247&AV_CCPA=1---&AV_DNT=0&cb=1719786884836&wfc=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.81 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9e110b3135505409a72f674d2572ac6e13437fa3ae503bcb23cabd3c2e852a49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:44 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
critical-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
alt-svc
h3=":443";ma=60;
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.file.io
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 19 Jun 2024 08:48:04 GMT
track
track4.aniview.com/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track4.aniview.com/track?r=www.file.io&sn=&ic=0&tgt=0&app=&wi=440&he=247&test=&d36=6.2.218&apppkg=&fv=1&proto=https&d65=GoogleSignals&d66=8.5.6&clsid=933eb3f7-f764-4f30-927b-50603e609e09&rando=92&scnt=1&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&e=inventory&vi=100&plt=2&cb=1719786884833
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:44 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 04E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.116 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
1102
content-type
text/html
date
Sun, 30 Jun 2024 22:34:44 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 7E9E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3458&_fw_gdpr=0&_fw_gdpr_consent=&gpp=&gpp_sid=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=da751615b4715f17816d2e59386e1aed&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=da751615b4715f17816d2e59386e1aed&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Jun 2024 22:34:45 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=da751615b4715f17816d2e59386e1aed&gpp_sid=&gpp=&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1719786885024002-1209
auto-user-sync
ads.stickyadstv.com/ Frame C3F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Sun, 30 Jun 2024 22:34:45 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1719786885026049-13
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4172 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D1%26key%3D
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.136.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-136-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=137371
content-encoding
gzip
content-length
5492
content-type
text/html
date
Sun, 30 Jun 2024 22:34:48 GMT
expires
Tue, 02 Jul 2024 12:44:19 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame D8D4
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=18&key=I6kKARZHnh-KrvfWTt2ZrUAe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=18&key=I6kKARZHnh-KrvfWTt2ZrUAe
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Sun, 30 Jun 2024 22:34:45 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=18&key=I6kKARZHnh-KrvfWTt2ZrUAe
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5344
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Jun 2024 22:34:45 GMT
ETag
"28052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Jun 2024 22:34:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 0F77
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A&gdpr_in_effect=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A&gdpr_in_effect=0
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

age
0
content-length
0
date
Sun, 30 Jun 2024 22:34:45 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=78&key=y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A&gdpr_in_effect=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.121
strict-transport-security
max-age=31536000
0
prebid.a-mo.net/cchain/ Frame 5FCB
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D52%26key%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYT...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=4071189e-3a8f-4452-a438-7ba74a6daf36&r=Cid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZH...
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9MTcxOTc4Njg4NDg4Ni0xNzIwMzAwNjcxMDgtMDAwMTUzLTAwMC0wMDQ1NTMmYmlkZGVybmFtZT01MiZrZXk9dWEtYmZlNDAzYWEtODA2MS0zYjlmLWJhOGYtODEzNmFlMGE5Y2MyMgISBjgC%26buyeruid%3D
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
671
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:45 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store
content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT
expires
0
location
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZmU0MDNhYS04MDYxLTNiOWYtYmE4Zi04MTM2YWUwYTljYzIqlwFodHRwczovL3N5bmMuYW5pdmlldy5jb20vY29va2llc3luY2VuZHBvaW50P2F1aWQ9MTcxOTc4Njg4NDg4Ni0xNzIwMzAwNjcxMDgtMDAwMTUzLTAwMC0wMDQ1NTMmYmlkZGVybmFtZT01MiZrZXk9dWEtYmZlNDAzYWEtODA2MS0zYjlmLWJhOGYtODEzNmFlMGE5Y2MyMgISBjgC%26buyeruid%3D
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 5A6E
Redirect Chain
  • https://cs.krushmedia.com/c517e991b368016fcb5125d653c3e1e6.gif?puid=1719786884886-172030067108-000153-000-004553&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=62&key=47cb07ec-ef0a-5e29-b3a1-d757104e61bf
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=62&key=47cb07ec-ef0a-5e29-b3a1-d757104e61bf
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Jun 2024 22:34:45 GMT
Expires
0
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=62&key=47cb07ec-ef0a-5e29-b3a1-d757104e61bf
Pragma
no-cache
Server
nginx
cookiesyncendpoint
sync.aniview.com/ Frame 54D4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=136&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D215%26auid%3D1719786884886-172030067108-000153-0...
  • https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&ccpa=1---&key=808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&ccpa=1---&key=808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0,no-cache,no-store
content-length
0
date
Sun, 30 Jun 2024 22:34:44 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=215&auid=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&ccpa=1---&key=808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
via
1.1 google
cookiesyncendpoint
sync.aniview.com/ Frame BFE7
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=23&key=99b53b30-af15-4978-902a-2a80167b294f
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=23&key=99b53b30-af15-4978-902a-2a80167b294f
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Sun, 30 Jun 2024 22:34:45 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=23&key=99b53b30-af15-4978-902a-2a80167b294f
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame AD1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1074
content-type
text/html
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame 8EAF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=55&key=5167546006793024041
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=55&key=5167546006793024041
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:46 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1540f2b9-1984-4deb-90d3-c6f4ffbb05d3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:34:45 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=55&key=5167546006793024041
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
138.199.11.114; 138.199.11.114; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
cookiesyncendpoint
sync.aniview.com/ Frame CD05
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26bid...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D200%26key%3D%5B...
  • https://ad.turn.com/r/cs?pid=45&rndcb=8114487691
  • https://sync.1rx.io/usersync/turn/4420355986258896720?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=200&key=RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=200&key=RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
date
Sun, 30 Jun 2024 22:34:47 GMT

Redirect headers

content-type
text/html
date
Sun, 30 Jun 2024 22:34:44 GMT
etag
RX4b264d96a1b341f2b99fa9418faa4a59005
location
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=200&key=RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sync
gw-iad-bid.ymmobi.com/adx/user/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&user_id=1719786884886-172030067108-000153-000-004553&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=b8a4102d-9c60-4f84-b8b7-370dd00c0149&callback=https%3A...
0
0
cookiesyncendpoint
sync.aniview.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1719786884886-172030067108-000153-000-004553%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=24&pid=59c9148628a0612da3689288&key=b8a4102d-9c60-4f84-b8b7-370dd00c0149
0
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=24&pid=59c9148628a0612da3689288&key=b8a4102d-9c60-4f84-b8b7-370dd00c0149
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 30 Jun 2024 22:34:48 GMT
content-length
0

Redirect headers

Location
https://sync.aniview.com/cookiesyncendpoint?auid=1719786884886-172030067108-000153-000-004553&biddername=24&pid=59c9148628a0612da3689288&key=b8a4102d-9c60-4f84-b8b7-370dd00c0149
Date
Sun, 30 Jun 2024 22:34:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGE3NTE2MTViNDcxNWYxNzgxNmQyZTU5Mzg2ZTFhZWQ=&gdpr=&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGE3NTE2MTViNDcxNWYxNzgxNmQyZTU5Mzg2ZTFhZWQ=&gdpr=&gdpr_consent=
Protocol
H3
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 22:34:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGE3NTE2MTViNDcxNWYxNzgxNmQyZTU5Mzg2ZTFhZWQ=&gdpr=&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1719786886899030-127
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=da751615b4715f17816d2e59386e1aed&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume36ef_7388117423431298763&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=null&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4b61e104-667d-4651-90cf-d90331841c7e&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAS_eE7NA7sAABPrfasd9Q&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGE3NTE2MTViNDcxNWYxNzgxNmQyZTU5Mzg2ZTFhZWQ=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEElyvBW59ttvZgcVim5I8Oc&google_cver=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/da751615b4715f17816d2e59386e1aed?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-won5IZBE2oP_kDd7YghSqzSozRVTq9GiPnAA9kAW~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=vMkTlLzJ1So37R5
0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=da751615b4715f17816d2e59386e1aed&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=da751615b4715f17816d2e59386e1aed&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 22:34:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K7WM9KGTVXT6TZX1YEYZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 22:34:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=da751615b4715f17816d2e59386e1aed&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1719786886893020-1180
track
track4.aniview.com/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track4.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.file.io&rs=www.file.io&sid=43887&t=1719786884&cip=138.199.11.114&sn=&tgt=0&osv=10&bv=126.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=a6d630153cfb88434b607cbc898343e8&d63=a6d630153cfb88434b607cbc898343e8&aafaid=&proto=https&uid=1719786884886-172030067108-000153-000-004553&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.218&cb=23762866724&d39=&d65=GoogleSignals&d66=8.5.6&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.11.114&cd18=40.71230&cd17=-74.00680&d9=0000&d22=5f2063121d82c82557194737&d24=6374ee512c8ca8606841c0a8&d37=realtime&AV_WIDTH=440&AV_HEIGHT=247&nid=5f2063121d82c82557194737&ncid=6374ee512c8ca8606841c0a8&e=request&cb=1719786885034&plt=2&asid=633be2470cbd4b48090dc596%2C5ffffc9e712b1564036ba7e2%2C5ff87336239c6c7fd600e1b5%2C5ff48b20d0a41e5853490d69%2C66213ddbdc48756e930b8fd5%2C65e98f07b1130a0a1d0a6e6b&ofpr=%2C3.25%2C3.25%2C3.25%2C3.25%2C3.25&fpo=%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:45 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
track
track4.aniview.com/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track4.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.file.io&rs=www.file.io&sid=43887&t=1719786884&cip=138.199.11.114&sn=&tgt=0&osv=10&bv=126.0&brn=Chrome&wi=440&he=247&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&d64=a6d630153cfb88434b607cbc898343e8&d63=a6d630153cfb88434b607cbc898343e8&aafaid=&proto=https&uid=1719786884886-172030067108-000153-000-004553&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&d35=&d36=6.2.218&cb=23762866724&d39=&d65=GoogleSignals&d66=8.5.6&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&cd20=6373750d98fb531abee85ae5&cd19=138.199.11.114&cd18=40.71230&cd17=-74.00680&d9=0000&d22=5f2063121d82c82557194737&d24=6374ee512c8ca8606841c0a8&d37=realtime&AV_WIDTH=440&AV_HEIGHT=247&&copid=5f2063121d82c82557194737&nid=59c9148628a0612da3689288&cocid=6374ee512c8ca8606841c0a8&ncid=5fad56bb6a4f3e0cc41067ef&coasid=631742cf4864f704787dda76&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=&d16=2&e=request&cb=1719786885034&plt=2&asid=663cb0e35b310c4804053be5%2C61fb88e45aa84d2e9700fb35%2C624c2b3983e10f33d76e8a24&ofpr=0.7%2C1%2C3&fpo=1%2C%2C&ri=1%2C1%2C1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.240.45.75 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 22:34:45 GMT
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443";ma=60;
content-length
0
avpb8.48.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9F4F 		352 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b29027f5e7c5b3374f5530f61e19c89e5915142c4f13223e5f48ddfb1ef76cba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 30 Jun 2024 22:49:45 GMT
date
Sun, 30 Jun 2024 22:34:45 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0Nr-n8FbdW2MadBnCwNekVYtg9a3us-pNop-sWgC7XLNVyKgyzD9DFl8ca3MgzxM8kyPCfcmynbjOQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
110100
last-modified
Wed, 26 Jun 2024 06:53:47 GMT
server
UploadServer
etag
"86ae938224dc0ee19fe419b6a5f58aa2"
vary
Accept-Encoding
x-goog-generation
1719384826938985
x-goog-hash
crc32c=aHjZzg==, md5=hq6TgiTcDuGf5Bm2pfWKog==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
110100
accept-ranges
bytes
quic-version
0x00000001
avpb8.48.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9F4F 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a2.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
f4073940d3a4bf5b44f2065ad230c41c6f6343bcf04015ab21b5a4ebb64b5938

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 30 Jun 2024 22:49:45 GMT
date
Sun, 30 Jun 2024 22:34:45 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0Nr8ihv28zjaOLGt_za3erNJi-QINSOq_RsSgo-bHzVt9f-tIyxcW82sBEG10VmZBwvZrFspzk46Uw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
20369
last-modified
Wed, 26 Jun 2024 06:53:47 GMT
server
UploadServer
etag
"fe3a047ebcc13a925339925393bbc73b"
vary
Accept-Encoding
x-goog-generation
1719384826863720
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=HshBAw==, md5=/joEfrzBOpJTOZJTk7vHOw==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
20369
accept-ranges
bytes
quic-version
0x00000001
avpb8.48.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9F4F 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a0.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
f80bd049512b884446db797cc3c8193aa1eb91a1f1aaf59829a5c0a8a12eb1a1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 30 Jun 2024 22:49:45 GMT
date
Sun, 30 Jun 2024 22:34:45 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0NrRYoNise22wePRT0wM0nXM0kJPfGJIOXj56HcMDHoymi_08pRHzNX8np_Vt8vJkfWXU38
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
24274
last-modified
Wed, 26 Jun 2024 06:53:47 GMT
server
UploadServer
etag
"7056b2e8472065906290b99801d6857d"
vary
Accept-Encoding
x-goog-generation
1719384826897276
x-goog-hash
crc32c=7PQLZw==, md5=cFay6EcgZZBikLmYAdaFfQ==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
24274
accept-ranges
bytes
quic-version
0x00000001
avpb8.48.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9F4F 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a5.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
18ee0cebf25ae51aefa21befd2459e9cf3e5447fd0b42236a8cb340821b79a23

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 30 Jun 2024 22:49:45 GMT
date
Sun, 30 Jun 2024 22:34:45 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0Nra9GWEKUagvNgrpVKP2_lvS7IuXNmlh-6vba4BFvw94K0iaRvQcK_WSctIvw-aMQziXZ7YRULaRA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
24426
last-modified
Wed, 26 Jun 2024 06:53:47 GMT
server
UploadServer
etag
"3e7de436a03ce7d23a40bcff50f3dcb2"
vary
Accept-Encoding
x-goog-generation
1719384826912079
x-goog-hash
crc32c=muc/8Q==, md5=Pn3kNqA859I6QLz/UPPcsg==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
24426
accept-ranges
bytes
quic-version
0x00000001
avpb8.48.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9F4F 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a1.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
61f429ff602005792e3f37ab914f227f85dc844252e520140c0362d383575f04

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 30 Jun 2024 22:49:45 GMT
date
Sun, 30 Jun 2024 22:34:45 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0NoptqFCzgPtq-0Ua543Ojn-I834BoqlPlnmeb6mfzoQMhR0NNzfVA-FirbQ4IaO818cNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
23598
last-modified
Wed, 26 Jun 2024 06:53:47 GMT
server
UploadServer
etag
"c655ab5cc56aa2ca696d8319284e0d8b"
vary
Accept-Encoding
x-goog-generation
1719384826897036
x-goog-hash
crc32c=8Kckig==, md5=xlWrXMVqosppbYMZKE4Niw==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
23598
accept-ranges
bytes
quic-version
0x00000001
avpb8.48.0a7.js
player.aniview.com/script/6.1/libs/prebid/ Frame 9F4F 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.48.0a7.js
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.198.214.145 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-214-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
48fbe032c62aaa1d0daca03b0ee2e9088f330d8513595107a3c19177af9e23a1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 30 Jun 2024 22:49:45 GMT
date
Sun, 30 Jun 2024 22:34:45 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0NoJik1Ngh3ABrJr_RYif1-urlk3-Wcb8Ct3uU7GaVBp4zBtkCmCADLV0BlRA3c4mGqNKgs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
22613
last-modified
Wed, 26 Jun 2024 06:53:47 GMT
server
UploadServer
etag
"55f6a1f6a5b5ebea73006b9b16b47674"
vary
Accept-Encoding
x-goog-generation
1719384826929954
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=we9zLg==, md5=Vfah9qW16+pzAGubFrR2dA==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
22613
accept-ranges
bytes
quic-version
0x00000001
s2s
s2s.aniview.com/api/adserver/ 		0
0
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=13762&site_id=435928&zone_id=2583018&size_id=201&p_aso.video.protocols=2,5,3,6&p_aso.video.maxduration=30&p_aso.video.playbackmethod=3&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0,1!venatus.com,6357fcceb1abda701427d928,1,,,&width=440&height=247
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.221.33.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-221-33-54.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.file.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
id5-sync.com/api/config/ Frame 9F4F 		195 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ef70ac1bba6550ed4f4beeab8a20c96b4d4c23eca334d2cfe07f0331695dbad5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 9F4F 		108 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
42216924c4617484773478a725bcce3ef169766044d3e0f5b0923aa110e9b59d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 30 Jun 2024 22:34:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 30 Jul 2024 22:34:28 GMT
topics_frame.html
pa.openx.net/ Frame 5818 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: www.file.io
URL: https://www.file.io/kNQn/download/vsSiRq5nSWrx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.file.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 22:31:37 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
ACJd0No-WEmEGT_324y5Ig02gCxjTwMzF6sqs-O0XgLnS797o-7MP3A5Qo8c0keTHPbP45LKOH0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.file.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.file.io
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 30 Jun 2024 22:34:43 GMT
translator
hbopenbid.pubmatic.com/ Frame 9F4F 		0
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 9F4F 		0
55 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 9F4F 		11 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Sun, 30 Jun 2024 22:34:43 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.file.io
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9F4F 		67 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=12920321&componentId=prebid&componentSubId=mustang&timestamp=1719786885459&_fw_bidfloor=3.25&_fw_bidfloorcur=USD&pbjs_version=8.48.0&pKey=2798894&_fw_us_privacy=1---&gpp=&gpp_sid=-1&_fw_prebid_content=%7B%22title%22%3A%22Understanding%20the%20Modern%20Gamer%22%2C%22url%22%3A%22https%3A%2F%2Fcontent1.avplayer.com%2F5f2063121d82c82557194737%2Fvideos%2F63f7530d2bdf8c59ab0dcf13%2F63f7533bbdc449913e0a4913%2Fvideo.mp4%3FAV_TAGID%3D6374f8665f2f007d23421195%26pid%3D5f2063121d82c82557194737%26cid%3D6374ee512c8ca8606841c0a8%26AV_TEMPID%3D62f50abe103ae32adf5785c8%26AV_PUBLISHERID%3D5f2063121d82c82557194737%26av_qd1%3D611a1881cd22c87dcd063d22%26videoId%3D63f7530d2bdf8c59ab0dcf13%22%2C%22keywords%22%3A%22%22%2C%22id%22%3A%22iris_ad883d3974d4ee84%22%2C%22len%22%3A157%7D&schain=1.0%2C1!venatus.com%2C6357fcceb1abda701427d928%2C1%2C%2C%2C&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*Y6ZqMIlvhtr8ALhiMc16gsL7b_tuEKFSFYrAJYvKGMKsk-kFFC6TAW3Ooh7gwf5X%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A2%2C%22pba%22%3A%228E1qbzciJyqckaMeU7mTww%3D%3D%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224b61e104-667d-4651-90cf-d90331841c7e%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0ea6888l7ih7iicik87kjkcil8acebji8lcabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2220b6de95-c04d-4194-a499-1b289193c6fd%22%2C%22atype%22%3A1%7D%5D%7D%5D&withOMSDK=true&_fw_content_category=IAB680&_fw_content_genre=VideoGaming&_fw_context=iris%3Aap%2Caa%2Cic_zx%2Cic_9731058%2Cic_3068555%2Cic_6680418%2Cic_7160777%2Cic_0518316%2Cic_0084516%2Cic_7937890%2Cic_9146060%2Cic_2416407%2Cic_3572470%2Cic_6703731%2Cic_7753435%2Cic_1612662%2Cic_5043113%2Cic_8555203%2Cic_3707563%2Cic_3897801%2Cic_0731630%2Cic_0009954%2Cic_8221182%2Cic_1809360%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_9303559%2Cic_2540565%2Cic_8240327%2Cic_9456328%2Cic_0858141%2Cic_2001389%2Cic_6309335%2Cic_5203923%2Cic_5313998%2Cic_7525728%2Cic_6018049%2Cic_7270112&loc=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&playerSize=440x247&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.211 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 22:34:46 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1719786886850029-150
hb-multi
hb.yellowblue.io/ Frame 9F4F 		0
0
pbjs
ads.dxkulture.com/ Frame 9F4F 		458 B
813 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.dxkulture.com/pbjs?pid=1359&placementId=99030
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.55.126.71 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
ea8671f96a8e0b142183093a6076245462506cf3ba53b3e098e54676c9b5eaf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 22:34:45 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.file.io
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
285
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9F4F 		184 B
511 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
aa9f7ee9c797cea90f50a4ee50dac63c9615d4576c6698f94207836cd785fc93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/3.4.0
Observe-Browsing-Topics
?1
vary
origin
Content-Type
application/json
access-control-allow-origin
https://www.file.io
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
translator
hbopenbid.pubmatic.com/ Frame 9F4F 		0
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ Frame 9F4F 		33 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a28b3602e32fb6fff572c9e9a8bfad0291e5868afbe7235052350e738ae2b5a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.file.io
date
Sun, 30 Jun 2024 22:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ctrack
track1.avplayer.com/ 		0
148 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.5.6&d74=&stagid=6374f8665f2f007d23421195&stplid=62f50abe103ae32adf5785c8&pid=5f2063121d82c82557194737&cid=6374ee512c8ca8606841c0a8&r=www.file.io&cd1=&cd2=&cd3=&sn=&app=&test=&cb=1719786882095
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Jun 2024 22:34:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
258.json
id5-sync.com/g/v2/ Frame 9F4F 		580 B
991 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f17cdc5fff86f722fdea7e0aa5b476a1a28b8799967cf9a4c6c4dffc97903f9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.file.io/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Jun 2024 22:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.file.io
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
proc.ad.cpe.dotomi.com
URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406250101&jk=2482570818586793&bg=!6Oul66TNAAaO6Fnqrug7ADQBe5WfOGS9aAMgAxf4SS7uUwx0hzw5Ts2KCwnDrQUjvh9z2L0OiU9WRggSbbhZNQtcgGezAgAAAExSAAAABGgBB34ANVECJzn8Nhs1F4ls5V-FdGKfhssM2Me86u6BxmAKylFzz8PDytvmEEkIyU7O5fTQKVTGjOYnCgC-uYdBzzwtBZ6WOEf1slDD9gan9hX0NRGrMjsEmmLMDREQwp7sZ8akHAg-tJFbpUGSYecszELKE2mjX4I-4kEKV6MqDeJUWaLaVn-HZ_hQb8ogB5vZSHPcC9a7RKxq8iSHx6q9YqUbMPCYnJLB7JfWoEMLuV1bwmvUNWKtB-uTGD7O0dQGFIInXl6iemyNKoZ-uN05dETkvt4cVpvMo1JtCqyG01zRhdSi9k_FaSRsox24TW4QCvyO6lGv0BTgPpkCj-eRwkQ5bDfp1helT0zYN9FRo-QwTJlSGz-7NXgTJvAb8b2SzVlsT4PPowK94AeRTKgcE0li92KhxZSROg2PuXMr38U9XpJu5znpH37Bec_wMA878hcD3HShxgT1-NwMg6kxX6FhQSRam5r5bvCWhM4AJU16gHUGLfcm9r9UlCv-uuE_ALsNtNEOe3RO-Vj-reTzd8UDSsJZj3Yns7ihBGXHAKeM601otFNGdMpCEBqr6NxanM4wXT2QIYelfnUfOV9QnzD-KhuZQGOV_BTbdCxgpNB4kwfHLeziaIP-iCeNa0885-BbJ0evzHLXR9fTc4-nvoFmPh2i4gM-as_TcWuCqpg-bA2bE2EFdoRu79ljyIMeOdNXTk3QmFd_2j0KcAZu9ZTVnAqR89NeRoKtC88-Cb8XJjFbjXQC715vHweDjLcBvl-cVdgKn7riYXNFF5N1zus6wTa2MR788z4tiKr8XSoBVs8sTiXcWoJnSWxoiZZoCftcZvdzToBO1MXz6pZB8yhSdjvLc4hFLQgVpFKf4012H-d9nTVfpEIPQ3lzqwQNC8SSnp-W6neIWZ4daScANGbNN-elkibf-L11o_PsvJNjD7G9dTbE2dn0nvQTjKVs6FjC2i0tjEq7OW0LpPs2KptyhavqrmIDzFRx-IDvUNtP_ePaikMtQSpbEe82RHCMTJs_x5b6GmRmv0MBMoDXg1Ay_B8ujxkV28frjpXReU04FypXsUB5PuvYtg8Dlh9Nsn_TJ4hAsz1ZZbLFXV2-c44sWSMgwH6UcIxum38NdPIskLHsvRFhp-T7w4sP1zwHcy-fK6snNK-fysSMWd90uhjiC5GwfBo6eZ9tvjQH1ibjg2b9OCCzEHoC_mQ
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Domain
gw-iad-bid.ymmobi.com
URL
https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=b8a4102d-9c60-4f84-b8b7-370dd00c0149&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=vMkTlLzJ1So37R5
Domain
s2s.aniview.com
URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=a6d630153cfb88434b607cbc898343e8&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1719786884886-172030067108-000153-000-004553&AV_TAGID=6374f8665f2f007d23421195&AV_PUBLISHERID=5f2063121d82c82557194737&AV_LOADID=96775bfa-eca0-47d5-af5c-0eb43c6e6cba&AV_PLACEMENTID=6373750d98fb531abee85ae5&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&AV_CHANNELID=6374ee512c8ca8606841c0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track4.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.file.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=6374f8665f2f007d23421195&AV_TEMPLATE=62f50abe103ae32adf5785c8&AV_GPID=/5f2063121d82c82557194737/6374f8665f2f007d23421195/www.file.io&d36=6.2.218&responsive=1&sver=4&avtoken=884826&omv=1.0.1&AV_D65=GoogleSignals&AV_D66=8.5.6&clsid=933eb3f7-f764-4f30-927b-50603e609e09&rando=92&scnt=1&AV_WIDTH=440&AV_HEIGHT=247&AV_CCPA=1---&AV_DNT=0&cb=9786885019&wfc=1&tgt=0&&AV_VI=100&AV_VID=0&d4=1&d5=0&AV_PLCMT=2&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&AV_IRISID=iris_ad883d3974d4ee84&AV_IRISIDCTX=ap,aa,ic_zx,ic_9731058,ic_3068555,ic_6680418,ic_7160777,ic_0518316,ic_0084516,ic_7937890,ic_9146060,ic_2416407,ic_3572470,ic_6703731,ic_7753435,ic_1612662,ic_5043113,ic_8555203,ic_3707563,ic_3897801,ic_0731630,ic_0009954,ic_8221182,ic_1809360,ic_9954675,ic_3393155,ic_9677800,ic_9303559,ic_2540565,ic_8240327,ic_9456328,ic_0858141,ic_2001389,ic_6309335,ic_5203923,ic_5313998,ic_7525728,ic_6018049,ic_7270112&ms2s=1
Domain
hb.yellowblue.io
URL
https://hb.yellowblue.io/hb-multi

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 undefined| event object| fence object| sharedStorage function| gtag object| dataLayer string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| webpackChunkad_manager number| __VM_PRELOADER_COUNT object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal number| gatsby_scroll_offset number| gatsby_scroll_duration object| __VM_FSGEO_RESPONSE string| __VM_HBC object| __VM_BAIT_RESPONSE string| GoogleAnalyticsObject function| ga object| __vm_add object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| __VM object| ADAGIO string| nobidVersion object| nobid object| mnet object| gaplugins object| gaData object| uponit object| apstag object| xl8_config object| _qevents function| nmc function| sendToNielsen object| _aps boolean| apstagLOADED object| apscustom function| ha object| cnvr_launcher_options object| ggeac object| google_js_reporting_queue object| xl8img object| edktInitializor object| PublisherCommonId object| conversant object| hadron boolean| __halo_loaded__ object| __id5_finalization_registry object| ID5 function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing object| google_reactive_ads_global_state object| au object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTE4YTIxNDI2ZDQwYzhhZWxvYWRlcl9qcw== string| MTE4YTIxNDI2ZDQwYzhhZWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state object| sas object| apntag object| _ADAGIO number| google_unique_id object| aniviewRenderer object| aniplayerPos object| avContentPlayerScheduler object| GoogleGcLKhOms boolean| 4f62fe92-c706-4fd3-91b1-3bf25493a7da number| google_srt object| _google_rum_ns_ undefined| google_rum_values object| VM_API number| _tlTagsPending object| google_image_requests object| auvars function| docReady object| autag object| audDataLayer function| audGtag object| webpackChunk_aniview_player object| avContentPlayer undefined| callbacks object| storageAni object| freewheelssp_cache

313 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgAIQzJGk2oYyCgoIgQIQzpCk2oYyCgoIhwIQp5Ck2oYyCgkISRDOkKTahjIKCQgLEM6QpNqGMgoKCIsCEMyRpNqGMgoKCIwCEKeQpNqGMgoKCM4BEMyRpNqGMgoKCI4BEMyRpNqGMgoJCA4Q-56k2oYyCgoIkAIQ-56k2oYyCgoIkQIQzpCk2oYyCgoIkgIQzpCk2oYyCgoIkwIQ-56k2oYyCgoIlAIQzpCk2oYyCgoIlQIQ-56k2oYyCgoIlgIQ-56k2oYyCgoI1gEQ-56k2oYyCgkIGxCnkKTahjIKCgidAhDMkaTahjIKCgjeARDOkKTahjIKCQhfEKeQpNqGMgoJCB8QzpCk2oYyCgoIoQEQp5Ck2oYyCgoI4gEQzpCk2oYyCgoI4wEQzJGk2oYyCgoI5gEQp5Ck2oYyCgoI5wEQzJGk2oYyCgoIrAIQp5Ck2oYyCgoIrQIQp5Ck2oYyCgoIswIQ-56k2oYyCgoItAIQzpCk2oYyCgoItQIQzJGk2oYyCgoItwIQp5Ck2oYyCgkIORDMkaTahjIKCQg6EKeQpNqGMgoKCLsCEPuepNqGMgoKCPsBEPuepNqGMgoKCP8BEMyRpNqGMgoJCD8Q-56k2oYy
.file.io/ Name: _ga
Value: GA1.2.641649692.1719786864
.file.io/ Name: _gid
Value: GA1.2.1261001861.1719786865
.file.io/ Name: _gat_gtag_UA_65658019_1
Value: 1
.exelator.com/ Name: EE
Value: "7c4e7b7609effd026b2016d727a03134"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE82STVPMnczMAyNS0txcDILMnIwNAsxdzIPNHA2NDYZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIbEl%252BUWb6otDgxUUpaQyLSopPBZ8wXQoAiAkp8Q%253D%253D"
.adnxs.com/ Name: XANDR_PANID
Value: Oxp_9Tqg6QIg7FToGbqDIMCRSmB9C8c9lKuqJ9xtWEcK_w2nR_CvF7mpLC7ObFaW3xOPOdopcBm2AdIianrqDDGVy6WMfZ8W0webff6f-K8.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5167546006793024041
.go.sonobi.com/ Name: __uis
Value: 4071189e-3a8f-4452-a438-7ba74a6daf36
.go.sonobi.com/ Name: _usd_file.io
Value: a1692e88-e601-4078-89bd-22377a4bc0dd
apex.go.sonobi.com/ Name:
Value: receive-cookie-deprecation: 1
.go.sonobi.com/ Name: __uih
Value: 1
.a-mo.net/ Name: amuid2
Value: f8d1c13d-5e4f-42a3-891f-fa10686523b7
.prebid.a-mo.net/ Name: sd_amuid2
Value: f8d1c13d-5e4f-42a3-891f-fa10686523b7
.twitter.com/ Name: personalization_id
Value: "v1_Q4WBVxGDqyEbXMr6KkqWkQ=="
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 2179983696286726672060
.sharethrough.com/ Name: stx_user_id
Value: 8c3d8281-7fc5-49e6-ae38-a1484aad4b2d
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 321135=6046474
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1312892624%3B%24ql%3DHigh%3B%24qpc%3D10020%3B%24qt%3D152_1829_29211t%3B%24dma%3D501%3B%24qo%3D6
.amazon-adsystem.com/ Name: ad-id
Value: A84KWD_uy0yBtWnHTxNh0hc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.omnitagjs.com/ Name: ayl_visitor
Value: f35355f39cbcb84fa0cb70bede383673
.smartadserver.com/ Name: pid
Value: 280878273214909059
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1312892624%3B%24ql%3DHigh%3B%24qpc%3D10020%3B%24qt%3D152_1829_29211t%3B%24dma%3D501%3B%24qo%3D6&c=1&l&lo&lt=638553836654351004&o=1
.prebid.a-mo.net/ Name: __amc
Value: 2_1719786865_1719786865
.adnxs.com/ Name: icu
Value: ChkInZeIARAKGAIgAigCMPG6h7QGOAJAAkgCEPG6h7QGGAE.
.bidswitch.net/ Name: tuuid
Value: b8a4102d-9c60-4f84-b8b7-370dd00c0149
.bidswitch.net/ Name: c
Value: 1719786865
.bidswitch.net/ Name: tuuid_lu
Value: 1719786865
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6BD50DD9-CA19-4183-ADFE-249F4E5428CF
.3lift.com/ Name: tluidp
Value: 2179983696286726672060
.doubleclick.net/ Name: IDE
Value: AHWqTUnUyvNlx0NH8Ufeyzs0llZlL_5iw5jaMinwn68A89KyqYKsDQz1Y_vnPPeB0XE
.quantserve.com/ Name: mc
Value: 6681dd72-653ec-bbadb-58de1
.file.io/ Name: __qca
Value: P0-353304688-1719786865182
.file.io/ Name: FCNEC
Value: %5B%5B%22AKsRol967ICwtrR84YpSvT7Gkv1tdDYBa0Y3S-iQVcNtsyx3nmt3Y4tPIu0NDVyD4n9mB_w_BMW-70rLBMqag4Tv1Hvm6xtkLk8RmNoxu2DtQRDaO7t_ISC5SJAFlmKUEwsKXPMVXaf2WffG8VqNSFWw5DLMcUzR7A%3D%3D%22%5D%5D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.file.io/ Name: __gads
Value: ID=f62012b4270bfffd:T=1719786866:RT=1719786866:S=ALNI_Mbx-7emJt9mXpOpLQleWZd5wKhCZA
.file.io/ Name: __gpi
Value: UID=00000e5cd372d0c9:T=1719786866:RT=1719786866:S=ALNI_MaxKuBvNXsev0NiQ1Z8U6_lDKcNPQ
.file.io/ Name: __eoi
Value: ID=8e256fc8b816143e:T=1719786866:RT=1719786866:S=AA-AfjZNqQqB26VstVLdJXKNDt3N
.file.io/ Name: _ga_KDJB5247JB
Value: GS1.1.1719786864.1.0.1719786866.58.0.0
.simpli.fi/ Name: suid
Value: D0A12AED02BB4A5EA669F6C6CC910960
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: li_sugr
Value: 7c68f6ef-fb67-49cf-91b7-96ec47876e60
.linkedin.com/ Name: bcookie
Value: "v=2&c2dd8e8b-d2e9-45cd-881b-ed0edb461869"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2865:u=1:x=1:i=1719786867:t=1719873267:v=2:sig=AQHpekm2q9Je01gWVF-a5v7GA100nQv2"
.turn.com/ Name: uid
Value: 4420355986258896720
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-543d6ab2-c285-56c1-789c-4c1faa9433f6.hanSaV7EqzxThlvxxYJ%2B6U7MVmdjLlMTibj3AuMM0GQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-543d6ab2-c285-56c1-789c-4c1faa9433f6.hanSaV7EqzxThlvxxYJ%2B6U7MVmdjLlMTibj3AuMM0GQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVD1qssKFVsF4nEwfqpQz9orHC3I.1a0Z3nvctQUmwhewlEAaYhBitK5wWRSBk1ZNPIV40Yc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVD1qssKFVsF4nEwfqpQz9orHC3I.1a0Z3nvctQUmwhewlEAaYhBitK5wWRSBk1ZNPIV40Yc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACEp5Uovsg9MTEMp24dgmL_3j2PL7yteH5sQCuTUUIKEGcYBCDzuoe0BjABOgTwTC9rQgTsGb8k.6r9GulFXw4r4iVy5rVVXiRl1yd4T4RrJp3EVDWQxaiA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIACEp5Uovsg9MTEMp24dgmL_3j2PL7yteH5sQCuTUUIKEGcYBCDzuoe0BjABOgTwTC9rQgTsGb8k.6r9GulFXw4r4iVy5rVVXiRl1yd4T4RrJp3EVDWQxaiA
.lijit.com/ Name: ljt_reader
Value: I6kKARZHnh-KrvfWTt2ZrUAe
.lijit.com/ Name: _ljtrtb_27
Value: 4b61e104-667d-4651-90cf-d90331841c7e
.w55c.net/ Name: wfivefivec
Value: vMkTlLzJ1So37R5
.w55c.net/ Name: matchtriplelift
Value: 5
measurement-api.criteo.com/ Name: ar_debug
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D0A12AED02BB4A5EA669F6C6CC910960&KRTB&23486-uid:D0A12AED02BB4A5EA669F6C6CC910960&KRTB&23489-uid:D0A12AED02BB4A5EA669F6C6CC910960&KRTB&23539-uid:D0A12AED02BB4A5EA669F6C6CC910960
.imrworldwide.com/ Name: IMRID
Value: e967da30-3730-11ef-b766-0f7d088ee1c9
www.file.io/ Name: _lr_retry_request
Value: true
www.file.io/ Name: _lr_env_src_ats
Value: false
.file.io/ Name: cto_bundle
Value: p6RC2F90N25xMTZHRmtsc1FkeUViUkd3ZnU4NDVxWnhpVUc4bFhqZzI5aFk4S3VOWjBnNXJ6ZzhSTXdndlVURXRZSnoxd1JiSVNJJTJCeXN3V1RPNm9SaTROcVdwRjgzMWF2MXFPcDcxJTJCeFlHTUhVS0UlM0Q
.file.io/ Name: cto_bidid
Value: idgzr19leXpTV1g1YzRWY1VEZ3pnQkp0SENMYWVzek0wT05WZEJMNHZCeml1VnFkcUVDUkhPcWFuWE1sMmlDUUtveW5HRWtmTEozUVlQMVIxWmdvckl1SHZ0dyUzRCUzRA
.criteo.com/ Name: uid
Value: 5659a91b-4893-4052-8e4b-9033aca7df97
.w55c.net/ Name: matchpubmatic
Value: 5
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4420355986258896720&KRTB&23150-4420355986258896720&KRTB&23527-4420355986258896720
.adform.net/ Name: uid
Value: 5700753656034794484
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:vMkTlLzJ1So37R5&KRTB&23421-uid:vMkTlLzJ1So37R5
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAEryYgCVJ-jAILEHR1AQEBAQEBAQCRakgRPQEBAJFqSBE9&KRTB&22715-AQAEryYgCVJ-jAILEHR1AQEBAQEBAQCRakgRPQEBAJFqSBE9&KRTB&23519-AQAEryYgCVJ-jAILEHR1AQEBAQEBAQCRakgRPQEBAJFqSBE9
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5700753656034794484&KRTB&23263-5700753656034794484&KRTB&23481-5700753656034794484
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240630%22%7D
.deepintent.com/ Name: CDIUSER
Value: di_337fb1808a8b48da980ba
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2809753623816021552
.tribalfusion.com/ Name: ANON_ID
Value: aMntuJR3YWj7UXuRucrpflZakLTZdZaEDWuubwxpV4cF3FWXK34ja0cFXW2FeI91wLXDfvnym79cyRWMJZddsCKRn3An
.33across.com/ Name: check
Value: true
.the-ozone-project.com/ Name: ozone_uid
Value: 2icPPf6IIsQZRXSsyoMUERDCtUn
.the-ozone-project.com/ Name: __cf_bm
Value: MiBZFu1DXF_z9EeVZffL1wA8clMC4eltgh4VMmsbz.M-1719786869-1.0.1.1-znRMp0C1Q4OspzH8.Gwxb2UisjVMKVCwSu0f.zo5w7ZuiNw4lI6qSOp8TdymEF53Sd95sm85aEwvooBy_XE9wQ
.go.sonobi.com/ Name: __uin_td
Value: 4b61e104-667d-4651-90cf-d90331841c7e
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMJjrF8aJ15i09eztK3ozcQ&KRTB&23025-CAESEMJjrF8aJ15i09eztK3ozcQ&KRTB&23386-CAESEMJjrF8aJ15i09eztK3ozcQ
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 34585e8118df767342c2e8aeb87db108
.id5-sync.com/ Name: id5
Value: 1d1dee70-ac63-7f66-bcbe-0dca681a026f#1719786866446#4
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-oQGiFPNTrRe6Aa8W8lS3R_VW_ke6AqJB8gajMtUM&KRTB&22979-oQGiFPNTrRe6Aa8W8lS3R_VW_ke6AqJB8gajMtUM&KRTB&23462-oQGiFPNTrRe6Aa8W8lS3R_VW_ke6AqJB8gajMtUM
.a-mx.com/ Name: amdt_t
Value: p::1719786870765
.a-mx.com/ Name: amuid2
Value: f8d1c13d-5e4f-42a3-891f-fa10686523b7
.rtb.mx/ Name: amdt_t
Value: p::1719786870801
.rtb.mx/ Name: amdt_t
Value: p::1719786870801
.rtb.mx/ Name: amuid2
Value: f8d1c13d-5e4f-42a3-891f-fa10686523b7
.rtb.mx/ Name: amuid2
Value: f8d1c13d-5e4f-42a3-891f-fa10686523b7
.adsrvr.org/ Name: TDID
Value: 4b61e104-667d-4651-90cf-d90331841c7e
.mxptint.net/ Name: mxpim
Value: R33645_117F2EBFE_487E2BD4.1.00000000000000006681DD76
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-4b61e104-667d-4651-90cf-d90331841c7e&KRTB&22918-4b61e104-667d-4651-90cf-d90331841c7e&KRTB&22926-4b61e104-667d-4651-90cf-d90331841c7e&KRTB&23031-4b61e104-667d-4651-90cf-d90331841c7e
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_117F2EBFE_487E2BD4&KRTB&23092-R33645_117F2EBFE_487E2BD4
.cpx.to/ Name: dsp_pub_common
Value: fb85143a-d891-4f7b-ac6f-d4f679baf904#1719786871034
.cpx.to/ Name: dsp_TTD
Value: 4b61e104-667d-4651-90cf-d90331841c7e#1719786871034
.cpx.to/ Name: dsp_app_nexus
Value: 5167546006793024041#1719786871034
.bidr.io/ Name: bito
Value: AAS_eE7NA7sAABPrfasd9Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1719786870200
.tapad.com/ Name: TapAd_DID
Value: 19f61bb4-b019-43aa-8c98-1ee7f72bf108
.rubiconproject.com/ Name: khaos
Value: LY24P6VR-24-5ML
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.onetag-sys.com/ Name: OTP
Value: IsJSSFXEWeh4skWdjW0H6NVsQRHTDb2957Tlapt0ywU
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnpwPCYJ7_AXUFJ1L7dnQ45Qy2JLsOPzpvCPS5K_qx5Rqr5IksIWr2P9-fK5QC4TM1
.pubmatic.com/ Name: DPSync3
Value: 1720915200%3A258_226_228_201_262_263_256_219_261_260_235_259_236_245%7C1720310400%3A252_253_265%7C1719792000%3A248_255%7C1720742400%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1719808472208
.lijit.com/ Name: _ljtrtb_92
Value: 5167546006793024041
.file.io/ Name: _au_1d
Value: AU1D-0100-001719786873-6XXAS4HK-CWM6
.id5-sync.com/ Name: 3pi
Value: 2#1719786868201#933228880#5167546006793024041|434#1719786869962#-875293514|264#1719786867840#1680542114#4b61e104-667d-4651-90cf-d90331841c7e|203#1719786868809#-1493676483#5659a91b-4893-4052-8e4b-9033aca7df97|155#1719786871143#-1138452786#AAS_eE7NA7sAABPrfasd9Q|1245#1719786868012#457414728|429#1719786872407#668044318#6BD50DD9-CA19-4183-ADFE-249F4E5428CF|1246#1719786872549#457414728
.audrte.com/ Name: arcki2
Value: i90kGTW2GrmRZ2b129jvITHKg!20220908!1719786872797!ip#138.199.11.114
.audrte.com/ Name: arcki2_pubmatic
Value: 6BD50DD9-CA19-4183-ADFE-249F4E5428CF!20220908!1719786872797
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7730732722025158886P
.owneriq.net/ Name: pmc
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: i90kGTW2GrmRZ2b129jvITHKg!20220908!1719786872923
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-OFcNBrEPCoa3vtZ8d92BZg&KRTB&23557-OFcNBrEPCoa3vtZ8d92BZg&KRTB&23586-OFcNBrEPCoa3vtZ8d92BZg
.audrte.com/ Name: arcki2_adform
Value: 5700753656034794484!20220908!1719786873077
.dotomi.com/ Name: DotomiTest
Value: 13b05aaed4c613df
.agkn.com/ Name: ab
Value: 0001%3AM2AvV%2BNd4QexHJGCZYNQoAg5hXXbT391
.onaudience.com/ Name: cookie
Value: 9e5f47cd4a3edc7c
.onaudience.com/ Name: done_redirects252
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.cpx.to/ Name: dsp_rubicon
Value: LY24P6VR-24-5ML#1719786874044
.openx.net/ Name: i
Value: 169b9cc3-0ea3-4293-9f9f-5775f60a3380|1719786874
.pubmatic.com/ Name: SPugT
Value: 1719786874
.cpx.to/ Name: dsp_dbm
Value: CAESEH3eEmdqjUVI6dVjx2w_saE#1719786874191
.cpx.to/ Name: dsp_OPENX
Value: 850a8f89-9b8c-416b-a7df-673193ba1fff#1719786874204
.semasio.net/ Name: SEUNCY
Value: 9F5027D6050A35BE
.go.sonobi.com/ Name: __uin_st
Value: VD1qssKFVsF4nEwfqpQz9orHC3I
.go.sonobi.com/ Name: __uin_bw
Value: b8a4102d-9c60-4f84-b8b7-370dd00c0149
.cpx.to/ Name: dsp_pubmatic
Value: 6BD50DD9-CA19-4183-ADFE-249F4E5428CF#1719786874756
.mfadsrvr.com/ Name: c
Value: 1719786874
.mfadsrvr.com/ Name: tuuid_lu
Value: 1719786874
.mfadsrvr.com/ Name: tuuid
Value: f332360f-45bf-472a-9629-af4278586870
.go.sonobi.com/ Name: __uin_bs
Value: 5e2a6c80-ffcc-4bfc-8c9f-5207ee6e6ad4-6681dd77-5553
io.narrative.io/ Name: io.narrative.guid.v2
Value: ed3e84b1-3730-11ef-b63c-068a96b7d075
.pubmatic.com/ Name: SyncRTB3
Value: 1722297600%3A224%7C1720310400%3A223_38_2_15%7C1724889600%3A69%7C1720569600%3A63%7C1720915200%3A249_234_264_21_254_7_46_5_166_220_240_266_104_71_13_96_48_3_231_22_250_56_178_176_8_99_81_233_267_54_165_55%7C1721001600%3A35
.adsby.bidtheatre.com/ Name: __kuid
Value: 97d2b25f-ec12-4ef5-98bb-819a0776c521.489000875
.colossusssp.com/ Name: gtm_usr
Value: 7f914aaa-9f97-4ffe-bff0-bf0ba1290bb3
.colossusssp.com/ Name: lmg_r
Value: 66
.csync.loopme.me/ Name: viewer_token
Value: a063ef38-43c8-4772-8391-80957462f84c
.onaudience.com/ Name: done_redirects161
Value: 1
.pippio.com/ Name: did
Value: NgP7YDj9Mj8pjha-
.pippio.com/ Name: didts
Value: 1719786877
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CP26h7QGEgYIgr0rEAA=
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 17e43331-81c7-457c-606f-466d1f99034b
.zeotap.com/ Name: zsc
Value: %D0%096X%E2%ACu%FF5%3Cx%A5%1B%DB%0Cx%07a%EC1%B3%C5%40%10%22%9D%BD%3BC%B9%F3%08T%15%17%CB%FF%3F%22%D3%BD%11%7C%FD%0B%F8%92%97%95%29%CC%E4%D0%91j2%5Ca%CB%5Ex%ABy%F3%D4%99j%EE%D8%DA%AC%ED%97%B9%5C%CE%0E%9F%2B%DF%9A%91%0A
.adx.opera.com/ Name: UID
Value: OPU2090d4b1a3244128853b6bb55935368e
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_ef43ca90-3730-11ef-86a8-12fa6b58ae11
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU2090d4b1a3244128853b6bb55935368e&KRTB&23485-OPU2090d4b1a3244128853b6bb55935368e&KRTB&23524-OPU2090d4b1a3244128853b6bb55935368e&KRTB&23575-OPU2090d4b1a3244128853b6bb55935368e
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VD1qssKFVsF4nEwfqpQz9orHC3I&KRTB&23334-VD1qssKFVsF4nEwfqpQz9orHC3I&KRTB&23417-VD1qssKFVsF4nEwfqpQz9orHC3I&KRTB&23426-VD1qssKFVsF4nEwfqpQz9orHC3I
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.contextweb.com/ Name: V
Value: FGKIg1O6aBJ7
.contextweb.com/ Name: VP
Value: part_FGKIg1O6aBJ7
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9a73c262eeeeef1f
.admanmedia.com/ Name: admtr
Value: ba9772ee-24b3-4ca9-8c12-d56f1c894a19
.kargo.com/ Name: ktcid
Value: e2572b22-dce5-0354-5ec2-beb3ebde250e
.thrtle.com/ Name: mc
Value: eyJpZCI6ImQyNDUzOWMwLWFjMWYtNDQ2MC1iM2FiLWJiYzQ4Y2M0OTNmZiIsImwiOjE3MTk3ODY4Nzg5MjAsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-be2d45db-b482-47c1-b545-03634a0a33b9&KRTB&23340-be2d45db-b482-47c1-b545-03634a0a33b9&KRTB&23498-be2d45db-b482-47c1-b545-03634a0a33b9
.mathtag.com/ Name: uuid
Value: 2a736681-dd7f-4b00-856c-ee45c20fbdbf
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f9022a27-0474-4745-8eb6-52d8d78a4e06
beacon.lynx.cognitivlabs.com/ Name: ss
Value: BOVXhztkviiFF2C%2B%2FbBRS2QL%2FFH9w5xKIIZweBCDedT0W%2B2UHat2nO6d%2BjYVqL4EUi8xgIBhQum4kv%2B0bJ4JDg%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:13136681-dd7f-4d00-8e67-6368ddc30e7d
.adgrx.com/ Name: ADGRX_UID
Value: efb8e7c6-3730-11ef-aba5-735cdc0a30d1
.creativecdn.com/ Name: g
Value: Z9mHz3qtQfbA9bOP83fF_1719786879117
.creativecdn.com/ Name: ts
Value: 1719786879
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-efb8e7c6-3730-11ef-aba5-735cdc0a30d1&KRTB&23275-efb8e7c6-3730-11ef-aba5-735cdc0a30d1
.demdex.net/ Name: demdex
Value: 07700600516511191013899406711186263800
.dpm.demdex.net/ Name: dpm
Value: 07700600516511191013899406711186263800
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4390-2!4390-3!4390
.media.net/ Name: visitor-id
Value: 3627884790040254000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-EiMbnFnsNhqE2p8PJzUuOwPrgXPXlRZdG14je_HApDY&KRTB&23047-EiMbnFnsNhqE2p8PJzUuOwPrgXPXlRZdG14je_HApDY&KRTB&23234-EiMbnFnsNhqE2p8PJzUuOwPrgXPXlRZdG14je_HApDY&KRTB&23361-EiMbnFnsNhqE2p8PJzUuOwPrgXPXlRZdG14je_HApDY
.casalemedia.com/ Name: CMID
Value: ZoHdf9HM6qQAAGdLAKIetgAA
.casalemedia.com/ Name: CMPS
Value: 3802
.casalemedia.com/ Name: CMPRO
Value: 3802
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b8a4102d-9c60-4f84-b8b7-370dd00c0149
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNTcwMDc1MzY1NjAzNDc5NDQ4NCIsImV4cGlyZXMiOiIyMDI0LTA3LTE0VDIyOjM0OjMxLjUxNjIxMTQ1M1oifSwiZ3JpZCI6eyJ1aWQiOiJiOGE0MTAyZC05YzYwLTRmODQtYjhiNy0zNzBkZDAwYzAxNDkiLCJleHBpcmVzIjoiMjAyNC0wNy0xNFQyMjozNDozOS41OTQ5ODY5NjRaIn0sIml4Ijp7InVpZCI6IlpvSGRmOUhNNnFRQUFHZExBS0lldGdBQVx1MDAyNjM4MDIiLCJleHBpcmVzIjoiMjAyNC0wNy0xNFQyMjozNDozOS40NjYyMTA0MloifSwibWVkaWFuZXQiOnsidWlkIjoiMzYyNzg4NDc5MDA0MDI1NDAwMFYxMCIsImV4cGlyZXMiOiIyMDI0LTA3LTE0VDIyOjM0OjM5LjM1OTczMzIzMloifSwib25ldGFnIjp7InVpZCI6IklzSlNTRlhFV2VoNHNrV2RqVzBINk5Wc1FSSFREYjI5NTdUbGFwdDB5d1UiLCJleHBpcmVzIjoiMjAyNC0wNy0xNFQyMjozNDozMS43MzU4NTU3MTFaIn0sIm9wZW54Ijp7InVpZCI6ImZjZTkyYzU1LTFlYmItNGU4ZC1hZWM1LTVmODgxMzc2YzJmMCIsImV4cGlyZXMiOiIyMDI0LTA3LTE0VDIyOjM0OjM5LjUzODMxMzY0MVoifSwicHVibWF0aWMiOnsidWlkIjoiNkJENTBERDktQ0ExOS00MTgzLUFERkUtMjQ5RjRFNTQyOENGIiwiZXhwaXJlcyI6IjIwMjQtMDctMTRUMjI6MzQ6MzQuMTg4MzEyNDQ2WiJ9LCJydWJpY29uIjp7InVpZCI6IkxZMjRQNlZSLTI0LTVNTCIsImV4cGlyZXMiOiIyMDI0LTA3LTE0VDIyOjM0OjMxLjYwMDA3ODg2MVoifSwic21hcnQiOnsidWlkIjoiMjgwODc4MjczMjE0OTA5MDU5IiwiZXhwaXJlcyI6IjIwMjQtMDctMTRUMjI6MzQ6MzEuMDA3OTU4MDA4WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjIxNzk5ODM2OTYyODY3MjY2NzIwNjAiLCJleHBpcmVzIjoiMjAyNC0wNy0xNFQyMjozNDozMS4wODk3MDI3MDdaIn0sInR0ZCI6eyJ1aWQiOiI0YjYxZTEwNC02NjdkLTQ2NTEtOTBjZi1kOTAzMzE4NDFjN2UiLCJleHBpcmVzIjoiMjAyNC0wNy0xNFQyMjozNDozMC44NjI4MTM5MThaIn19LCJiZGF5IjoiMjAyNC0wNi0zMFQyMjozNDozMC44NjI4MTA4N1oifQ==
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 47252080
.go.sonobi.com/ Name: __uin_cx
Value: 1
.go.sonobi.com/ Name: __uir_cx
Value: 47252080
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 47252080
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 47252080
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 47252080
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 47252080
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 47252080
.yellowblue.io/ Name: wrvUserID
Value: wLIVxUG-k
.zemanta.com/ Name: zuid
Value: ZkVoUgJviR2ZD_jY31fq
.go.sonobi.com/ Name: __uir_fw
Value: 202946138315227760
.go.sonobi.com/ Name: __uin_fw
Value: 469493533b6157087916e999b9461d
.sitescout.com/ Name: ssi
Value: 808ec934-c20b-454d-a666-b326ee88dbd2#1719786881002
.go.sonobi.com/ Name: __uir_st
Value: 202946108250456688
.go.sonobi.com/ Name: __uir_td
Value: 202946091070587504
.rlcdn.com/ Name: pxrc
Value: CPG6h7QGEgUI6AcQABIFCOhHEAwSBgi46wEQEBIGCJasKxAA
.go.sonobi.com/ Name: __uir_bs
Value: 202946112545423984
.go.sonobi.com/ Name: __uir_eb
Value: 202946138315227760
.go.sonobi.com/ Name: __uin_eb
Value: CAESENjHPl2L_pTj8peQ57DRXRs||1
.connatix.com/ Name: cnx_userId
Value: 020fc4de5d324208b44f90b6c48651da
.go.sonobi.com/ Name: __uir_if
Value: 202946138315227760
.go.sonobi.com/ Name: __uin_if
Value: 2a736681-dd7f-4b00-856c-ee45c20fbdbf
.go.sonobi.com/ Name: __uir_pp
Value: 202946138315227760
.go.sonobi.com/ Name: __uin_pp
Value: FGKIg1O6aBJ7
.go.sonobi.com/ Name: __uir_bw
Value: 202946108250456688
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553&KRTB&23418-808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
.go.sonobi.com/ Name: __uir_rh
Value: 202946138315227760
.go.sonobi.com/ Name: __uin_rh
Value: EiMbnFnsNhqE2p8PJzUuOwPrgXPXlRZdG14je_HApDY
.33across.com/ Name: 33x_ps
Value: u%3D212676590151869%3As1%3D1719786881305%3Ats%3D1719786881305
.yahoo.com/ Name: A3
Value: d=AQABBHndgWYCEIAWCxFIDctu6S4C9afYCTAFEgEBAQEug2aLZtxH0iMA_eMAAA&S=AQAAAsg2RBkKWSzcMhiOeKFJWpE
.yieldmo.com/ Name: yieldmo_id
Value: VhL2IJJBD2JD8SxCXFcs%7C1719705600000%7C0
.intentiq.com/ Name: IQver
Value: 1.9
.creative-serving.com/ Name: tuuid
Value: f9429122-293b-4e17-b948-5528da63ae18
.creative-serving.com/ Name: c
Value: 1719786882
.creative-serving.com/ Name: tuuid_lu
Value: 1719786882
.bidr.io/ Name: checkForPermission
Value: ok
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1s8h|4is.0.CAESELxT9POFQ4UXtc7mDIl18EU|7br.0.1|7LJ.0.4071189e-3a8f-4452-a438-7ba74a6daf36|7dN.0.AAS_eE7NA7sAABPrfasd9Q|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1s8h|4is.0.CAESELxT9POFQ4UXtc7mDIl18EU|7br.0.1|7LJ.0.4071189e-3a8f-4452-a438-7ba74a6daf36|7dN.0.AAS_eE7NA7sAABPrfasd9Q|8i8.0.1
.technoratimedia.com/ Name: tads_uidp_73
Value: AAS_eE7NA7sAABPrfasd9Q
.technoratimedia.com/ Name: tads_uid
Value: 041012BA8E2A4B41B9A8AC297C379F81
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240630223443+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_82
Value: ZoHdf9HM6qQAAGdLAKIetgAA&3802
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAS_eE7NA7sAABPrfasd9Q
.pubmatic.com/ Name: PugT
Value: 1719786881
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzK2sDC3NDE0MDI2EuIz1M1zDCs3z8kPDExydAYA2R8SniQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzK2sDC3NDE0MDI2EuIz1M1zDCs3z8kPDExydAYA2R8SniQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtobmhpbmFmYWFiYGAGAFDK5LEQAAAA
.go.sonobi.com/ Name: __uir_zt
Value: 202946151200129651
.go.sonobi.com/ Name: __uin_zt
Value: 968907238879410232
.pbs.yahoo.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjIxNzk5ODM2OTYyODY3MjY2NzIwNjAiLCJleHBpcmVzIjoiMjAyNC0wNy0xNFQyMjozNDo0NC4wNDk0NzYwNDZaIn19fQ==
.lijit.com/ Name: ljtrtb
Value: eJwNysENgDAMA8Bd8iaS07oOYRxaWAKxO9z7Hmtph%2FFUXAG6lMupEV6Yt69C77EzZl62WbX%2FjlAOClBWRyMY9n5V7BAH
.lijit.com/ Name: _ljtrtb_80
Value: LY24P6VR-24-5ML
.storygize.net/ Name: U
Value: 920af4e6-2617-4564-9f2a-67c6c24ddbfd
.admanmedia.com/ Name: ac_r
Value: CS253|CS139|undefined
.pubmatic.com/ Name: pi
Value: 159706:3
.mfadsrvr.com/ Name: ssh
Value: !adyoulike=1719786884!onetag=1719786881!triplelift=1719786874
.aidemsrv.com/ Name: __cf_bm
Value: asttNM57CuSZYP5zZNHtM7qUgymCETjSzgwbzuDdE7Y-1719786884-1.0.1.1-BWzWGWq5T7WeCco5NTGBTHdpq5NjgM85fcx.waFm2tl4_5DDEEuuY30anpVHXCeuDR4QUfP6A63P3ud_PzXK0A
.rlcdn.com/ Name: rlas3
Value: Yypddba5+eLCQbwLmqvDINvCgVPKBz69hQbiepoU7Ns=
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.quantserve.com/ Name: d
Value: EG8BGQGbLPijD9r7EMyp0QA
.aniview.com/ Name: aniC
Value: 1719786884886-172030067108-000153-000-004553
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2jam:19dr~2jam"
.file.io/ Name: _pubcid
Value: 20b6de95-c04d-4194-a499-1b289193c6fd
.file.io/ Name: _pubcid_cst
Value: yyzLLLEsNg%3D%3D
.rqtrk.eu/ Name: browser_id
Value: 1:ef73d13c-3b08-487e-af2d-ebb4755d7a8a
.dxkulture.com/ Name: mtuid
Value: cf6a8899-1c3a-4230-af1c-1ab7d1eb40bf
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-bfe403aa-8061-3b9f-ba8f-8136ae0a9cc2
.media.net/ Name: data-ris
Value: {{APID}}~~25
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcxOTc4Njg4MTAyMiwiMzkiOjE3MTk3ODY4NzE2OTMsIjciOjE3MTk3ODY4NzE2OTMsIjc0IjoxNzE5Nzg2ODg1NjU4fQ
.krushmedia.com/ Name: krm_usr
Value: 47cb07ec-ef0a-5e29-b3a1-d757104e61bf
.krushmedia.com/ Name: krm_r
Value: 55
.smaato.net/ Name: SCM
Value: c7a1f58d1f
.smaato.net/ Name: SCMsas
Value: c7a1f58d1f
.aniview.com/ Name: 1_C_9
Value: da751615b4715f17816d2e59386e1aed
sync.aniview.com/ Name: 1_C_9
Value: da751615b4715f17816d2e59386e1aed
.aniview.com/ Name: 1_C_18
Value: I6kKARZHnh-KrvfWTt2ZrUAe
sync.aniview.com/ Name: 1_C_18
Value: I6kKARZHnh-KrvfWTt2ZrUAe
.aniview.com/ Name: 1_C_78
Value: y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A
sync.aniview.com/ Name: 1_C_78
Value: y-mKum5U9E2uJbZ8aArjBVG4Z4qRi16WgR~A
.aniview.com/ Name: 1_C_55
Value: 5167546006793024041
sync.aniview.com/ Name: 1_C_55
Value: 5167546006793024041
.aniview.com/ Name: 1_C_62
Value: 47cb07ec-ef0a-5e29-b3a1-d757104e61bf
sync.aniview.com/ Name: 1_C_62
Value: 47cb07ec-ef0a-5e29-b3a1-d757104e61bf
.aniview.com/ Name: 1_C_215
Value: 808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
sync.aniview.com/ Name: 1_C_215
Value: 808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
.aniview.com/ Name: 1_C_23
Value: 99b53b30-af15-4978-902a-2a80167b294f
sync.aniview.com/ Name: 1_C_23
Value: 99b53b30-af15-4978-902a-2a80167b294f
.aniview.com/ Name: 1_C_72
Value: 808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
sync.aniview.com/ Name: 1_C_72
Value: 808ec934-c20b-454d-a666-b326ee88dbd2-6681dd81-5553
.aniview.com/ Name: 1_C_5
Value: LY24P6VR-24-5ML
sync.aniview.com/ Name: 1_C_5
Value: LY24P6VR-24-5ML
.aniview.com/ Name: 1_C_24
Value: b8a4102d-9c60-4f84-b8b7-370dd00c0149
sync.aniview.com/ Name: 1_C_24
Value: b8a4102d-9c60-4f84-b8b7-370dd00c0149
.aniview.com/ Name: 1_C_49
Value: 280878273214909059
sync.aniview.com/ Name: 1_C_49
Value: 280878273214909059
.aniview.com/ Name: 1_C_20
Value: IsJSSFXEWeh4skWdjW0H6NVsQRHTDb2957Tlapt0ywU
sync.aniview.com/ Name: 1_C_20
Value: IsJSSFXEWeh4skWdjW0H6NVsQRHTDb2957Tlapt0ywU
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005%22%7D
.go.sonobi.com/ Name: HAPLB8G
Value: s8522|ZoHdi
.aniview.com/ Name: 1_C_52
Value: ua-bfe403aa-8061-3b9f-ba8f-8136ae0a9cc2
sync.aniview.com/ Name: 1_C_52
Value: ua-bfe403aa-8061-3b9f-ba8f-8136ae0a9cc2
.ads.stickyadstv.com/ Name: UID
Value: da751615b4715f17816d2e59386e1aed
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-159
Value: 1
.fwmrm.net/ Name: _uid
Value: ume36ef_7388117423431298763
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: ume36ef_7388117423431298763
.ads.stickyadstv.com/ Name: MRM_UID
Value: ume36ef_7388117423431298763
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCPronfTa14w9EAUSFgoHcnViaWNvbhILCO6y1tzb14w9EAUYASABKAIyCwiU3fS88teMPRAFOAFaCXN0aWNreWFkc2AC
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 4b61e104-667d-4651-90cf-d90331841c7e
.pxl.iqm.com/ Name: equativ
Value: MTcyMDk5NjQ4NzQzOQ==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 824eda6e-20ba-4f97-9299-e8e08ff26ac6
.smartadserver.com/ Name: csync
Value: 76:CAESEL7H8Q4fmWdLQ-LVVOi3PDA|80:A2uUFVE5mxYYa5kXUD6BRlc8yEYYaJRAUGxxpyu1|127:AAS_eE7NA7sAABPrfasd9Q|133:c7a1f58d1f|150:0|154:824eda6e-20ba-4f97-9299-e8e08ff26ac6|160:1
.rubiconproject.com/ Name: audit
Value: 1|5Ualfp3AwNYY028iH3vr9VYO+lrn58Zb/FUBzVURM2xpB2SQr2K/yOWiqzOQepZws6u7yoVwGZ5CqQ3+tQhlLHMDvubSxZCGXj6Gz0cmwXGF4Gdf5An4a3CIA43RpoQF2VjNQwH8cwiI2xlsVWwrlhEvvJ41y0qrNnIE11Y2cvBIi/0PgMapEQ==
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005%22%7D
.aniview.com/ Name: 1_C_200
Value: RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005
sync.aniview.com/ Name: 1_C_200
Value: RX-4b264d96-a1b3-41f2-b99f-a9418faa4a59-005

4 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&PageUrl=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx&PageReferrer=https%3A%2F%2Fwww.file.io%2FkNQn%2Fdownload%2FvsSiRq5nSWrx
Message:
Failed to load resource: the server responded with a status of 412 ()
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35e1e44facb1dc778bd866c7884935d9.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.turn.com
ads.dxkulture.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.criteo.com
analytics.google.com
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
bh.contextweb.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.edkt.io
cdn.exelator.com
cdn.hadronid.net
cdn.id5-sync.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
content1.avplayer.com
creativecdn.com
cs.krushmedia.com
csi.gstatic.com
dis.eu.criteo.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
feed.avplayer.com
file.io
fundingchoicesmessages.google.com
go1.aniview.com
gum.criteo.com
gw-iad-bid.ymmobi.com
hb-api.omnitagjs.com
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
hb.yellowblue.io
hbopenbid.pubmatic.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mydmp.exelator.com
nmcsync.imrworldwide.com
onetag-sys.com
onsite-tag-logs.apps.nielsen.com
optimized-by.rubiconproject.com
p.ad.gt
p.cpx.to
p.rfihub.com
pa.openx.net
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
play.aniview.com
player.aniview.com
player.avplayer.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s2s.aniview.com
script.4dex.io
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
stats.g.doubleclick.net
sync.1rx.io
sync.a-mo.net
sync.aniview.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
targeting.unrulymedia.com
tg1.aniview.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
track1.avplayer.com
track4.aniview.com
u.openx.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.file.io
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
ads.stickyadstv.com
api.rlcdn.com
gw-iad-bid.ymmobi.com
hb.yellowblue.io
pagead2.googlesyndication.com
proc.ad.cpe.dotomi.com
s2s.aniview.com
ssbsync.smartadserver.com
104.18.23.145
104.22.4.69
104.22.47.142
104.22.5.69
104.22.52.173
104.22.53.86
104.244.42.3
104.26.3.70
104.36.113.107
104.36.113.112
108.128.131.144
108.138.106.59
108.138.115.149
13.225.63.3
13.226.34.70
135.148.2.48
141.95.98.65
142.251.174.157
147.28.146.89
147.75.195.77
151.101.193.194
162.19.138.118
172.217.197.132
172.240.155.108
172.240.45.75
172.240.45.81
172.253.63.97
172.64.144.78
172.67.75.241
173.194.175.156
173.194.175.157
173.194.205.155
173.194.66.154
173.194.68.105
173.194.68.132
178.250.1.9
18.238.49.61
18.238.55.87
18.238.58.231
18.238.80.10
184.25.47.188
185.184.8.90
185.93.1.251
192.132.33.67
192.184.67.70
198.148.27.131
199.38.167.131
207.65.37.179
209.85.232.113
209.85.232.156
216.200.232.249
216.239.38.178
23.105.12.116
23.198.214.145
23.207.2.36
23.212.251.211
23.220.136.194
23.220.136.208
23.220.138.160
23.50.125.215
3.209.177.222
3.216.220.116
3.218.122.15
3.33.220.150
34.111.113.62
34.120.111.33
34.199.40.84
34.200.65.202
34.225.177.85
34.235.214.237
34.235.229.79
34.36.214.49
34.36.216.150
34.95.69.49
34.98.64.218
35.169.74.221
35.211.178.172
35.244.154.8
35.244.159.8
35.244.193.51
35.71.139.29
35.80.197.229
44.221.33.54
44.239.184.8
45.55.107.24
45.55.126.71
50.16.197.56
51.222.39.184
51.222.39.186
52.223.22.214
52.34.45.222
52.46.130.91
52.46.155.104
52.71.41.146
54.147.209.196
54.228.55.244
54.229.120.84
54.74.208.53
63.251.28.211
63.251.28.230
68.67.160.24
68.67.161.182
69.166.1.34
69.166.1.64
69.173.146.5
69.173.151.96
69.194.240.11
69.194.240.13
69.194.242.12
74.119.117.17
74.119.117.25
74.125.142.120
74.125.192.101
8.2.110.134
96.46.186.15
96.46.186.182
003ebef3df0e3f053e8c9535b204beb9ed81b8d47dbad9d0551490c5ba754149
052982ec072f843935934487be0e2fc80143c086f0cc62e8e0a88a6f6518beec
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d728dfa79038756273ea08258b696995fac825fa530a32ffac8a9aa902082a7
0dbfbd1761c76951810ffe8d82bd36cc4d71a60f38303c197fb6825cd3b182e8
0e6793d503dab31054f9bd9fae79408db374713aa1b8524b678feb477e292b1e
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
11a1435ee52c903ca4bb1b08d8210d7e0ca6f16926affe141a69c77c60c2b1a7
1496cea08e7ac44104efe649a470e218e418b6a591d4d8442029bd72cd51e764
15092c79f371f7c16724c48298236db2e845980777554f304640224b08f68d8f
16dc6c08d1383ce96476fb0b651b79fbe89529d601bead76f00321c7d021104e
17712c90e8473e3a5c2f70a4399e79ba0687d7be77d3aa642870f27a1c13da94
17a9b1943f50a130af854afbd05878dc7f26f835a127531ee7c785522731818b
18ee0cebf25ae51aefa21befd2459e9cf3e5447fd0b42236a8cb340821b79a23
19ad3112b9e1c4418e64b5ab28b565ee92f4e437376e4c6f14c76b5206f1e8d8
1a33db5f8a4f01546026230077598c9d2b4892a33089f5927f1402c506d2d8e2
1b15244213ddd5961531ecee7af97945eefb265dd4c5d6229e94ed03d6e09a13
2011648ca1a9842507fab6cb7e04703a2ddb176d0828afb61f108176f2b43831
2175ad8124e9bcb46467b188eb1e2c04c911b791251e8354ff7d6dc344f4a2ba
22e38b509fcd6cf58f2f90b18fbf1bf2d1cd5b15f01d1709cf308e130efdbad6
26501a1ea54927eb684a57374525d72bb7112e5036a8f73dfb9890a34fb08871
27ab5efb25da771eaeca1c206910a18f3dcd010f78d6eb8274b9d87f87c5f80b
284f79d739255f4afadd904e2e0d73db0fd83ba3d817f6142ba57d5253b71082
2b30624a438ee8511adaffc6e5440787f752262285e372a4df150d6280a5197c
2c7f27b038b4586c8a83a8371f83f2b94964056988ac5994a7345785460924bb
2ef3a4286faff633973c053b65a757db906d09239afbacfce62c5cca33df00d7
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3148b503996601811f2abcc09d7309d321d02d144c93243b4b914c00b36d87d7
3424a83f8f364423a1fa6e21a05aacc2a31993cc63e2880fe2a8fc0381fa4177
35d2e15c09a0fcacb63f8fbce898dc170fe6fefac6902e76763d639e2ddd4886
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3ce3a46873787073321f6a9d295a7f812911dec677e61a2bd371fbf5568ccbe9
3d24d1573c1b136838cd4bafda3617fdd7eaf262737f1b491a0067d12de8f68d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd505862e23d3e89042b2972baaad83bd1a70629a226c0ecd310df3b21ddeb8
41cee572622e55c51a0229bd489312e2b9bcc0ac84d8001f4527d2cfc9700fb7
42216924c4617484773478a725bcce3ef169766044d3e0f5b0923aa110e9b59d
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
439076ab5f5d001d675bd42ff003bc465232c53571cd25e1a1358a71b890e3f2
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4637d1b705d205538a0da9fa75d7b0d161ccaef6b8f490c8e8f39a19ef5024a8
488ef78d5994c69552e00e801a786e5c9fb0a5e9746c3cd3437471269a6fd857
48fbe032c62aaa1d0daca03b0ee2e9088f330d8513595107a3c19177af9e23a1
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
54a3c22471eb349be5aeff8928609c0fc5b80cc0f73a6ba3823e8808d54af1dd
54f24f2f2872bf3847fd19cb57c2ab27579891add4480d5452cb41c1f3b3531e
55e2bc0de80dec3d96b000d97adcb7a1cce1e7260555f4141f5677a91c730dbe
57e30f191bec3bcb919f18dc014c7124dd24e9f0755f2abdde9ac3ccb8d161de
59c78797d7084c27934e635551fee1cb648ea355ca724194ad84d48dca29b13c
5cd126c39326027cbabeddc9195956bdd656af48ed3417cd5263b472b606bde3
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
614b1e20764995f612e457e69606b7cbf0ff31172b4a6b85b089ae636727acd1
618f84de04f8a165a6d22328816b618433d49c5f50706d033436ea0cc0e1a9a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f429ff602005792e3f37ab914f227f85dc844252e520140c0362d383575f04
62242328d378c674e8a96cf868969dbcb45f278c5750be3981d7bdb2b5a00c68
62e078598c7c6f18e612a42a47e3daa3d56ee6825cf9ffcd1111f144b9b1a00a
6509c2246867a22fb749ca7f309184efc76bdca164df1c1dbe178857016c5e9d
697aa3497442816bfe0b7d21e589a64380c82100c171ba862bc784f29d678575
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9076524926d9f3a5a1d2e991f7d761c437b78d88ed573ec3d8c0ca90731068
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
73dcbada170d574260e860070597159c83851a7b526b0fba9dd497f1267a8254
7437ba35f0e3dae66bc90e8393f5ed55c5d04ec0cd0b743b26fa1d32a92ad857
79bbed73164193c229f135eb2be44af35044bdb845cec6ad0372901d9800c9e4
7d95141288765628f6b70a23af724709cfcae903e9907d65552dc38fd5ff2dc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85f08b5f51e36ca7e961a033c6bb61d7f0e44aa0984646383ecac648e98fdcc8
862831ec6ae883ff7d7ca6d9a0ab56daf485c4a01612b964feae4a0d85b9e9a0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9136bade543711f30968a2e86342f889413086a172b7339ba2365b3579ce9294
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93a57aba9610c7dbf929c7978f9529890c32c01982d90ae75c6445c9a3e0fa58
9aff67207c751e2410d82062275cbbce494d88e6a054b36eeb65fea942b92244
9ce5f47fb6595364ea9e3e39c26a32068095811aa5f761c095390abcbde493ed
9e110b3135505409a72f674d2572ac6e13437fa3ae503bcb23cabd3c2e852a49
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c5fd9a868bc9bd662e0dbd696fbe93a21d99790dc593e772440a1a2fc00901
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28b3602e32fb6fff572c9e9a8bfad0291e5868afbe7235052350e738ae2b5a8
a73c06aaf73db35a3172554f3f80dc0c7b8059dd9bfb2449744b16f7769d3901
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e
a9d0a668bbfb705e317d51bfaabf290c28cca253877bc8ca0885af764860c945
aa9f7ee9c797cea90f50a4ee50dac63c9615d4576c6698f94207836cd785fc93
abce51476c992eaaacd53b9b0f4ef97b8d9ceaacad89e706a3bde801ed30e6e4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
adbeada8c01262462b628a6868bfe065dfcf881fb1906ed2ba9479e4e58a09f5
ae9cce9feff9a918079fbf000ca8e0117b251fb3a9ec9a5c35a1ec9f084a42aa
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
b29027f5e7c5b3374f5530f61e19c89e5915142c4f13223e5f48ddfb1ef76cba
b324ac1e13644992d861fd2643c14699dca7eba929b7151f04417612f190da70
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd0f62b52da741cb7272979508022fa0f075aaaa58a28db83501bf27fbf9d002
c14e1d2d6a28bc45adc3582de9fa60440e534f3aed78eb56dc88109fa3fac033
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c45bab8ef64de3fb489a29cce849b32856df092bbebe55b21551705ddf333485
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99558fc6ef205ec358d6ac68ec549d6972949f3cdca2be0aed2a2b3c165c17f
cc77dc77f2acb1d2781f3d6a45131816596a2f47f90eb52bbbda7ff6dc22697a
cc98cc677b4c61d9355e20e3dcc9e4951077ad6fef064274e59692c7ddc9dede
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
ce256114c6eb1ceb2ec40927bff1f4eacfa720bd22cbb4e18349691db851a208
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cee1bd5e01ed194ed9211d280aebe15999582d614189cafab2239e5001093613
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1517c2eb751a39f79cb9b6746ab739b672ae2100fd588097a6e27817db7fac2
d2b39ffcc4994277d64afbdc2fdf1f9320dd33207dba07a324f21a1bb67d4a27
d37e09a9d86650a49b5dc628252f6d2f8cdde7aaf663a360a26ab64dc8d3e5cf
d3a907d4b0f9a39e4a48b6599399231a99ad394959ee4e7ce781ad7ae3701950
d3b002436aee6955d8a1bf81271b370dc0d7d374d1983a962c46853b27128649
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d5dad8fd1c5b9b9e72a5b6a8800c4a020732319fe258df1528262691bb5e2cc7
d9ae0cc0755ea3b042acde2932d6885c1dcbcc785cae4ec96958540302727b66
db1b35effe55b2ab174de8fecc0e788d3549c66577d6ab80b36dd4910ee3afe5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326
e04fac291ed7390663cdbe1edec4d3565b60f84191a9827009bcb75b823dc635
e19a30d7d8b2a0a2d1b061e0d63cf287ed9df54c77d521548783a0d21f37eb46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52a25dff4cb420d988e54a6f675994f6771bdd61906ed4bfb06418761f3649f
e6e713c07c84b3ba39e13f6e1aa79463a0c893550a0839d83b2a652466988dda
ea8671f96a8e0b142183093a6076245462506cf3ba53b3e098e54676c9b5eaf3
eb00c7150308a05bcbc4588a314a479b671b4b51f4ffa3b93132f8682d21142a
ebea91d3ed3205c263c117ec09c5623646b69f056a1cbc4c40055b7ad764fc3a
ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757
ed5f496f0622d4077d28e7faa4143f8e96556684d16623f3e9c01a0d3d499544
ef70ac1bba6550ed4f4beeab8a20c96b4d4c23eca334d2cfe07f0331695dbad5
f109fb86a2063da780a15199ec713f0446549160684bc05c3ef6829652dd428d
f17cdc5fff86f722fdea7e0aa5b476a1a28b8799967cf9a4c6c4dffc97903f9b
f2a18b531ff1414497daa7b9aa46711ea3e23fc744d50e0297f9da1f16be2c6c
f2c6f76872060ce9794a05714c3f1f9655763d9ccb59a7af5dc10ade7b79291f
f4073940d3a4bf5b44f2065ad230c41c6f6343bcf04015ab21b5a4ebb64b5938
f54a35a0864bbb5c6162283c63965101f951386e1414f5ce4e080a7399c4b51d
f63960e229b698e2cae4fde25c325448f9cb8764d89bd01eae1935c36ef2a8cf
f80bd049512b884446db797cc3c8193aa1eb91a1f1aaf59829a5c0a8a12eb1a1
f885d151802fe1bfb1e8934f509ccec2ceed30c8fd61dc02322637ef0895b928
fabbf870587c20b6062a17691e53f7f443268bb45484b8b387ab6c19b8a9db2b
fb8e4d3ea8a06ffd5547cf08fc0614b9b8c0646133a64adf6bb37ba588d63b3d
fc403cbd4ade5637b8d40b560048594868cf987b378c1e71337fd25f8481d8de
fef73f5a70ccb8745fb00810408eac80b31eeb4fa66aeb97d2606c54188d0ed4